CVE-2010-1802
CVE-2010-1802 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.
Learn more about our Cis Benchmark Audit For Server Software.