VYPR
Medium severity5.9NVD Advisory· Published Jun 24, 2011· Updated Jun 16, 2026

CVE-2011-0199

CVE-2011-0199

Description

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*range: >=10.6.0,<10.6.8
    • (no CPE)range: <10.6.8
  • cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
    Range: >=10.6.0,<10.6.8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.