libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key.
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.7.3 (inclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:* versions up to 10.7.3 (inclusive)
|6482||Mac OS X 10.7 < 10.7.4 Multiple Vulnerabilities||Nessus Network Monitor||Generic||critical|
|59067||Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)||Nessus||MacOS X Local Security Checks||critical|
|59066||Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST)||Nessus||MacOS X Local Security Checks||critical|