CVE-2008-4368

The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
applemac_os_x
10.5.4
applemac_os_x
10.5.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://support.apple.com/kb/HT3179
https://exchange.xforce.ibmcloud.com/vulnerabilities/45650
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://support.apple.com/kb/HT3179
https://exchange.xforce.ibmcloud.com/vulnerabilities/45650