Vulnerability Details CVE-2011-0207
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2011-0207
-
cpe:2.3:o:apple:mac_os_x:10.6.0
-
cpe:2.3:o:apple:mac_os_x:10.6.1
-
cpe:2.3:o:apple:mac_os_x:10.6.2
-
cpe:2.3:o:apple:mac_os_x:10.6.3
-
cpe:2.3:o:apple:mac_os_x:10.6.4
-
cpe:2.3:o:apple:mac_os_x:10.6.5
-
cpe:2.3:o:apple:mac_os_x:10.6.6
-
cpe:2.3:o:apple:mac_os_x:10.6.7
-
cpe:2.3:o:apple:mac_os_x_server:10.6.0
-
cpe:2.3:o:apple:mac_os_x_server:10.6.1
-
cpe:2.3:o:apple:mac_os_x_server:10.6.2
-
cpe:2.3:o:apple:mac_os_x_server:10.6.3
-
cpe:2.3:o:apple:mac_os_x_server:10.6.4
-
cpe:2.3:o:apple:mac_os_x_server:10.6.5
-
cpe:2.3:o:apple:mac_os_x_server:10.6.6
-
cpe:2.3:o:apple:mac_os_x_server:10.6.7