VYPR
Critical severity9.8NVD Advisory· Published Nov 15, 2010· Updated Jun 16, 2026

CVE-2010-1378

CVE-2010-1378

Description

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.

Affected products

3
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*range: >=10.6.0,<10.6.5
    • (no CPE)range: <10.6.5
  • cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
    Range: >=10.6.0,<10.6.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.