← Back

CVE-2009-0152

nvd nist
Published: May 13, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected (2)

Apple
2 products
Mac Os X
Mac Os X Server
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Mac Os X
From 10.5.0 to 10.5.7
Mac Os X Server
From 10.5.0 to 10.5.7

Related CWEs

CWE-312
Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (16)

Source: cve@mitre.org
Mailing ListPatchVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.