CVE-2009-1682

Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
applesafari
𝑥
≤ 4.0_beta
applesafari
0.8
applesafari
0.9
applesafari
1.0
applesafari
1.0.3
applesafari
1.1
applesafari
1.2
applesafari
1.3
applesafari
1.3.1
applesafari
1.3.2
applesafari
2.0
applesafari
2.0.2
applesafari
2.0.4
applesafari
3.0
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2.1
applesafari
3.2.3
applesafari
𝑥
≤ 3.2.3
applesafari
3.0
applesafari
3.0.1
applesafari
3.0.2
applesafari
3.0.3
applesafari
3.0.4
applesafari
3.1
applesafari
3.1.1
applesafari
3.1.2
applesafari
3.2
applesafari
3.2.1
applesafari
3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://osvdb.org/54982
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.securityfocus.com/bid/35260
http://www.securityfocus.com/bid/35353
http://www.securitytracker.com/id?1022346
http://www.vupen.com/english/advisories/2009/1522
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://osvdb.org/54982
http://secunia.com/advisories/35379
http://support.apple.com/kb/HT3613
http://www.securityfocus.com/bid/35260
http://www.securityfocus.com/bid/35353
http://www.securitytracker.com/id?1022346
http://www.vupen.com/english/advisories/2009/1522