Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Cfnetwork
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0214 2 Apple, Microsoft 5 Cfnetwork, Safari, Windows 7 and 2 more 2024-11-21 5.0 MEDIUM N/A
CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority.
CVE-2010-1800 1 Apple 3 Cfnetwork, Mac Os X, Mac Os X Server 2024-11-21 5.0 MEDIUM N/A
CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.
CVE-2010-1420 2 Apple, Microsoft 5 Cfnetwork, Safari, Windows 7 and 2 more 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.
CVE-2010-1383 2 Apple, Microsoft 5 Cfnetwork, Safari, Windows 7 and 2 more 2024-11-21 9.3 HIGH N/A
CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.
CVE-2007-2403 1 Apple 3 Cfnetwork, Mac Os X, Mac Os X Server 2024-11-21 6.8 MEDIUM N/A
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.