Some SSL clients will accept weak RSA keys without asking for those keys. Attackers can force clients to downgrade to weakened ciphers and break their communications through a man-in-the-middle attack. The vulnerability affects a variety of clients, most notably Apple s Safari browser. Experts say that, in practice, the attack may not be much of an imminent danger, but only because you have to have many ducks in a row to find a vulnerable server that offers a weak key.
Source: https://threatpost.com/new-freak-attack-threatens-many-ssl-clients/111390/