Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://docs.info.apple.com/article.html?artnum=306586 - | |
References | () http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html - Patch | |
References | () http://osvdb.org/38537 - | |
References | () http://secunia.com/advisories/26983 - | |
References | () http://securitytracker.com/id?1018752 - | |
References | () http://www.securityfocus.com/bid/25856 - | |
References | () http://www.vupen.com/english/advisories/2007/3287 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/36845 - |
Information
Published : 2007-09-27 21:17
Updated : 2024-11-21 00:33
NVD link : CVE-2007-3754
Mitre link : CVE-2007-3754
CVE.ORG link : CVE-2007-3754
JSON object : View
Products Affected
apple
- iphone
- iphone_os
CWE
CWE-287
Improper Authentication