How severe is CVE-2007-6592?

The severity of CVE-2007-6592 has not been assessed with CVSS v3.

CVE-2007-6592

Name: safari
Author: apple

NONE

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSNam

Veröffentlicht: 12/28/2007Aktualisiert: 4/9/2025

Beschreibung

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.

KI-AnalyseKI-gestützt

Betroffene Produkte

applesafari

Referenzen

http://nils.toedtmann.net/pub/subjectAltName.txt
http://securityreason.com/securityalert/3498
http://www.securityfocus.com/archive/1/483929/100/100/threaded
http://www.securityfocus.com/archive/1/483937/100/100/threaded
http://nils.toedtmann.net/pub/subjectAltName.txt
http://securityreason.com/securityalert/3498
http://www.securityfocus.com/archive/1/483929/100/100/threaded
http://www.securityfocus.com/archive/1/483937/100/100/threaded