ID
VAR-200810-0201
CVE
CVE-2008-4368
TITLE
Apple Mac OS X Vulnerability in decrypting cipher text
Trust: 0.8
sources:
JVNDB: JVNDB-2008-002351
DESCRIPTION
The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE. Mac OS X is prone to a remote security vulnerability
Trust: 1.98
sources:
NVD: CVE-2008-4368 //
JVNDB: JVNDB-2008-002351 //
BID: 84759 //
VULHUB: VHN-34493
AFFECTED PRODUCTS
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.4 | Trust: 2.4 |
| vendor: | apple | model: | mac os x | scope: | eq | version: | 10.5.5 | Trust: 2.4 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.4 | Trust: 0.3 |
sources:
BID: 84759 //
JVNDB: JVNDB-2008-002351 //
CNNVD: CNNVD-200810-001 //
NVD: CVE-2008-4368
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
VULHUB: VHN-34493 //
JVNDB: JVNDB-2008-002351 //
CNNVD: CNNVD-200810-001 //
NVD: CVE-2008-4368
PROBLEMTYPE DATA
| problemtype: | CWE-310 | Trust: 1.9 |
sources:
VULHUB: VHN-34493 //
JVNDB: JVNDB-2008-002351 //
NVD: CVE-2008-4368
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-200810-001
TYPE
encryption problem
Trust: 0.6
sources:
CNNVD: CNNVD-200810-001
CONFIGURATIONS
sources:
JVNDB: JVNDB-2008-002351
PATCH
| title: | HT3179 | url: | http://support.apple.com/kb/HT3179 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2008-002351
EXTERNAL IDS
| db: | NVD | id: | CVE-2008-4368 | Trust: 2.8 |
| db: | XF | id: | 45650 | Trust: 0.9 |
| db: | JVNDB | id: | JVNDB-2008-002351 | Trust: 0.8 |
| db: | APPLE | id: | APPLE-SA-2008-09-24 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-200810-001 | Trust: 0.6 |
| db: | BID | id: | 84759 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-34493 | Trust: 0.1 |
sources:
VULHUB: VHN-34493 //
BID: 84759 //
JVNDB: JVNDB-2008-002351 //
CNNVD: CNNVD-200810-001 //
NVD: CVE-2008-4368
REFERENCES
| url: | http://lists.apple.com/archives/security-announce//2008/sep/msg00007.html | Trust: 2.0 |
| url: | http://support.apple.com/kb/ht3179 | Trust: 2.0 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/45650 | Trust: 1.1 |
| url: | http://xforce.iss.net/xforce/xfdb/45650 | Trust: 0.9 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4368 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4368 | Trust: 0.8 |
sources:
VULHUB: VHN-34493 //
BID: 84759 //
JVNDB: JVNDB-2008-002351 //
CNNVD: CNNVD-200810-001 //
NVD: CVE-2008-4368
CREDITS
Unknown
Trust: 0.3
sources:
BID: 84759
SOURCES
| db: | VULHUB | id: | VHN-34493 |
| db: | BID | id: | 84759 |
| db: | JVNDB | id: | JVNDB-2008-002351 |
| db: | CNNVD | id: | CNNVD-200810-001 |
| db: | NVD | id: | CVE-2008-4368 |
LAST UPDATE DATE
2025-04-10T20:22:40.324000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-34493 | date: | 2017-08-08T00:00:00 |
| db: | BID | id: | 84759 | date: | 2008-10-01T00:00:00 |
| db: | JVNDB | id: | JVNDB-2008-002351 | date: | 2009-07-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-200810-001 | date: | 2008-10-07T00:00:00 |
| db: | NVD | id: | CVE-2008-4368 | date: | 2025-04-09T00:30:58.490 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-34493 | date: | 2008-10-01T00:00:00 |
| db: | BID | id: | 84759 | date: | 2008-10-01T00:00:00 |
| db: | JVNDB | id: | JVNDB-2008-002351 | date: | 2009-07-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-200810-001 | date: | 2008-10-01T00:00:00 |
| db: | NVD | id: | CVE-2008-4368 | date: | 2008-10-01T15:38:32.717 |