CVE-2010-1378

Priority
Low
Description
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform
arithmetic, which allows remote attackers to bypass X.509 certificate
authentication via an arbitrary certificate issued by a legitimate
Certification Authority.
References
Notes
sbeattie: According to Apple, this issue *only* exists in the version
of openssl shipped by Apple; see http://support.apple.com/kb/HT4435
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:52 UTC (commit 5347)