How severe is CVE-2007-6592?

The severity of CVE-2007-6592 has not been assessed with CVSS v3.

CVE-2007-6592

Name: safari
Author: apple

NONE

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSNam

Published: 12/28/2007Updated: 4/9/2025

Description

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.

AI AnalysisPowered by AI

Affected Products

applesafari

References

http://nils.toedtmann.net/pub/subjectAltName.txt
http://securityreason.com/securityalert/3498
http://www.securityfocus.com/archive/1/483929/100/100/threaded
http://www.securityfocus.com/archive/1/483937/100/100/threaded
http://nils.toedtmann.net/pub/subjectAltName.txt
http://securityreason.com/securityalert/3498
http://www.securityfocus.com/archive/1/483929/100/100/threaded
http://www.securityfocus.com/archive/1/483937/100/100/threaded