CVE-2007-3754
First published: Thu Sep 27 2007(Updated: )
Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPhone OS | =1.0.2 | |
| Apple iPhone | =1.0 | |
| Apple iPhone OS | =1.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html
- http://docs.info.apple.com/article.html?artnum=306586
- http://www.securityfocus.com/bid/25856
- http://securitytracker.com/id?1018752
- http://secunia.com/advisories/26983
- http://www.vupen.com/english/advisories/2007/3287
- http://osvdb.org/38537
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36845
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/apple
- canonical/apple iphone os
- version/apple iphone os/1.0.2
- canonical/apple iphone
- version/apple iphone/1.0
- version/apple iphone os/1.0.1