Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network.
References
Link | Resource |
---|---|
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html | Vendor Advisory |
http://support.apple.com/kb/HT5130 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2022-10-03T16:15:06
Updated: 2022-10-03T16:15:06
Reserved: 2022-10-03T00:00:00
Link: CVE-2011-3444
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-02-02T18:55:01.037
Modified: 2012-02-06T05:00:00.000
Link: CVE-2011-3444
JSON object: View
Redhat Information
No data.
CWE