Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2009-0161

The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 misinterprets an unspecified invalid response as a successful OCSP certificate validation, which might allow remote attackers to spoof certificate authentication via a revoked certificate.

  • Published: May 13, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-0161
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:N/I:P/A:P

CWEs:

Software From Fixed in
apple / mac_os_x_server 10.5.2 10.5.2.x
apple / mac_os_x 10.5.6 10.5.6.x
apple / mac_os_x_server 10.4.11 10.4.11.x
apple / mac_os_x 10.5.5 10.5.5.x
apple / mac_os_x 10.5.1 10.5.1.x
apple / mac_os_x_server 10.5.1 10.5.1.x
apple / mac_os_x_server 10.5.6 10.5.6.x
apple / mac_os_x 10.5.3 10.5.3.x
apple / mac_os_x 10.5.0 10.5.0.x
apple / mac_os_x_server 10.5.0 10.5.0.x
apple / mac_os_x_server 10.5.3 10.5.3.x
apple / mac_os_x_server 10.5.4 10.5.4.x
apple / mac_os_x 10.5.2 10.5.2.x
apple / mac_os_x 10.5.4 10.5.4.x