CVE

Id
40708  
CVE No.
CVE-2009-3273  
Status
Candidate  
Description
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.  
Phase
Assigned (20090921)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
446560 40708 CVE-2009-3273 BUGTRAQ:20090911 iphone email client does not validate ssl certificates  View
446561 40708 CVE-2009-3273 URL:http://www.securityfocus.com/archive/1/archive/1/506428/100/0/threaded  View
446562 40708 CVE-2009-3273 BID:36370  View
446563 40708 CVE-2009-3273 URL:http://www.securityfocus.com/bid/36370  View
446564 40708 CVE-2009-3273 XF:ipod-iphone-ssl-spoofing(53234)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45316 JVNDB-2009-006323 datavault の DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs におけるサービス運用妨害 (DoS) の脆弱性 datavault の DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs は、特定の正規表現に関する処理に不備があるため、サービス運用妨害 (CPU の消費) 状態となる脆弱性が存在します。 CVE-2009-3277 40708 5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006323.html  View