CVE

Id
38393  
CVE No.
CVE-2009-0958  
Status
Candidate  
Description
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials.  
Phase
Assigned (20090318)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
419043 38393 CVE-2009-0958 CONFIRM:http://support.apple.com/kb/HT3639  View
419044 38393 CVE-2009-0958 APPLE:APPLE-SA-2009-06-17-1  View
419045 38393 CVE-2009-0958 URL:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html  View
419046 38393 CVE-2009-0958 BID:35414  View
419047 38393 CVE-2009-0958 URL:http://www.securityfocus.com/bid/35414  View
419048 38393 CVE-2009-0958 BID:35447  View
419049 38393 CVE-2009-0958 URL:http://www.securityfocus.com/bid/35447  View
419050 38393 CVE-2009-0958 OSVDB:55236  View
419051 38393 CVE-2009-0958 URL:http://osvdb.org/55236  View
419052 38393 CVE-2009-0958 VUPEN:ADV-2009-1621  View
419053 38393 CVE-2009-0958 URL:http://www.vupen.com/english/advisories/2009/1621  View
419054 38393 CVE-2009-0958 XF:iphone-ipod-certificate-info-disclosure(51208)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
39929 JVNDB-2009-000014 futomi"s CGI Cafe 製 MP Form Mail CGI における管理者権限奪取の脆弱性 futomi"s CGI Cafe が提供する MP Form Mail CGI には、管理者権限が奪取可能である脆弱性が存在します。 CVE-2009-0962 38393 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000014.html  View