CVE-2009-1682

Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
applesafari
𝑥
≤ 4.0_beta
applesafari
0.8
applesafari
0.9
applesafari
1.0
applesafari
1.0.3
applesafari
1.1
applesafari
1.2
applesafari
1.3
applesafari
1.3.1
applesafari
1.3.2
applesafari
2.0
applesafari
2.0.2
applesafari
2.0.4
applesafari
3.0
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2.1
applesafari
3.2.3
applesafari
𝑥
≤ 3.2.3
applesafari
3.0
applesafari
3.0.1
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2
applesafari
3.2.1
applesafari
3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://osvdb.org/54982
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.securityfocus.com/bid/35260
http://www.securityfocus.com/bid/35353
http://www.securitytracker.com/id?1022346
http://www.vupen.com/english/advisories/2009/1522
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://osvdb.org/54982
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.securityfocus.com/bid/35260
http://www.securityfocus.com/bid/35353
http://www.securitytracker.com/id?1022346
http://www.vupen.com/english/advisories/2009/1522