Critical severity9.8NVD Advisory· Published Nov 15, 2010· Updated Jun 16, 2026
CVE-2010-1378
CVE-2010-1378
Description
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.
Affected products
3cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*range: >=10.6.0,<10.6.5
- (no CPE)range: <10.6.5
Patches
Vulnerability mechanics
References
2- support.apple.com/kb/HT4435nvdBroken LinkPatchVendor Advisory
- lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlnvdMailing List
News mentions
0No linked articles in our index yet.