- Home
- CVEs with nessus.description==The remote Mac OS X host has a version of Apple Xcode installed that
is prior to 4.4. It is, therefore, affected by multiple
vulnerabilities :
- An information disclosure vulnerability, known as BEAST,
exists in the SSL 3.0 and TLS 1.0 protocols due to a
flaw in the way the initialization vector (IV) is
selected when operating in cipher-block chaining (CBC)
modes. A man-in-the-middle attacker can exploit this
to obtain plaintext HTTP header data, by using a
blockwise chosen-boundary attack (BCBA) on an HTTPS
session, in conjunction with JavaScript code that uses
the HTML5 WebSocket API, the Java URLConnection API,
or the Silverlight WebClient API. (CVE-2011-3389)
- An information disclosure vulnerability exists that may
allow a specially crafted App Store application to read
entries in the keychain. (CVE-2012-3698)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top