Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Safari CFNetwork SSL加密问题漏洞
Vulnerability Description
CFNetwork是一个低层次、高性能的框架,是BSD sockets(套接字)的扩展,它可使用户灵活操纵协议栈,以及提供标准化抽象的API简化FTP HTTP服务器交互任务、解决DNS主机解析等。 当处理SSL证书时,基于Windows平台的Apple Safari 5.0.6之前版本中的CFNetwork不能正确处理系统根证书中的不可信属性。远程web服务器可借助黑名单证书权威机构授予的证书绕过预设的SSL限制。
CVSS Information
N/A
Vulnerability Type
N/A