CVE-2007-3754

Sažetak

Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.

Reference

http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html
http://docs.info.apple.com/article.html?artnum=306586
http://www.securityfocus.com/bid/25856
http://securitytracker.com/id?1018752
http://secunia.com/advisories/26983
http://www.vupen.com/english/advisories/2007/3287
http://osvdb.org/38537
https://exchange.xforce.ibmcloud.com/vulnerabilities/36845

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

09-08-2022 - 13:46

Objavljeno

27-09-2007 - 21:17