Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/06/2009 Updated: 09/08/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Apple iPhone OS 1.0 up to and including 2.2.1 and iPhone OS for iPod touch 1.1 up to and including 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone_os 1.0.2
apple iphone_os 2.2
apple iphone_os 1.1.1
apple iphone_os 2.0.0
apple iphone_os 1.1.2
apple iphone_os 1.1.3
apple iphone_os 1.1.0
apple iphone_os 1.0.1
apple iphone_os 2.1
apple iphone_os 2.2.1
apple iphone_os 2.0
apple iphone_os 1.1.5
apple iphone_os 1.0.0
apple iphone_os 2.1.1
apple iphone_os 1.1.4
apple iphone_os 2.0.1
apple iphone_os 2.0.2
apple iphone_os
apple ipod_touch

CWE-200 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://support.apple.com/kb/HT3639 http://www.securityfocus.com/bid/35414 http://www.vupen.com/english/advisories/2009/1621 http://www.securityfocus.com/bid/35447 http://osvdb.org/55236 https://exchange.xforce.ibmcloud.com/vulnerabilities/51208 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-0958

Vulnerability Summary

References

Vulmon Search

About

Products

Connect