The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.6.1 (inclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:* versions up to 10.6.1 (inclusive)
|800795||Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities||Log Correlation Engine||Operating System Detection|
|5227||Mac OS X 10.6 < 10.6.2 Multiple Vulnerabilities||Nessus Network Monitor||Generic|
|42434||Mac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities||Nessus||MacOS X Local Security Checks|
|42433||Mac OS X Multiple Vulnerabilities (Security Update 2009-006)||Nessus||MacOS X Local Security Checks|