NVD

Id
12909  
Name
CVE-2010-1377  
Description
Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle attackers to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-06-17  
Modified Date
2010-06-18  
Seq
2010-1377  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
71059 12909 CVE-2010-1377 APPLE-SA-2010-06-15-1  View
71060 12909 CVE-2010-1377 1024103  View
71061 12909 CVE-2010-1377 http://support.apple.com/kb/HT4188  View
71062 12909 CVE-2010-1377 40871  View
71063 12909 CVE-2010-1377 ADV-2010-1481  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35877 JVNDB-2010-001657 Apple Mac OS X の Open Directory における任意のコードを実行される脆弱性 Apple Mac OS X の Open Directory には、特定の SSL の障害発生時、暗号化されていない接続を生成してしまう不備があるため、ネットワークアカウントサーバになりすまされ、任意のコードを実行される脆弱性が存在します。 CVE-2010-1377 43957 CVE-2010-1377 12909 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001657.html 2010-06-15 2010-07-09 View