CVE-2007-3754

Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*

History

21 Nov 2024, 00:33

Type Values Removed Values Added
References () http://docs.info.apple.com/article.html?artnum=306586 - () http://docs.info.apple.com/article.html?artnum=306586 -
References () http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html - Patch () http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html - Patch
References () http://osvdb.org/38537 - () http://osvdb.org/38537 -
References () http://secunia.com/advisories/26983 - () http://secunia.com/advisories/26983 -
References () http://securitytracker.com/id?1018752 - () http://securitytracker.com/id?1018752 -
References () http://www.securityfocus.com/bid/25856 - () http://www.securityfocus.com/bid/25856 -
References () http://www.vupen.com/english/advisories/2007/3287 - () http://www.vupen.com/english/advisories/2007/3287 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36845 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36845 -

09 Aug 2022, 13:46

Type Values Removed Values Added
CPE cpe:2.3:h:apple:iphone:1.0.2:*:*:*:*:*:*:*
cpe:2.3:h:apple:iphone:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*

Information

Published : 2007-09-27 21:17

Updated : 2024-11-21 00:33


NVD link : CVE-2007-3754

Mitre link : CVE-2007-3754

CVE.ORG link : CVE-2007-3754


JSON object : View

Products Affected

apple

  • iphone_os
  • iphone
CWE
CWE-287

Improper Authentication