Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 26/11/2010 Updated: 17/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Photos in Apple iOS prior to 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle malicious users to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os 4.0
apple iphone os 3.2.2
apple iphone os 3.2.1
apple iphone os 2.2.1
apple iphone os 2.2
apple iphone os 1.1.4
apple iphone os 1.1.3
apple iphone os 3.2
apple iphone os 3.1.3
apple iphone os 2.1.1
apple iphone os 2.1
apple iphone os 1.1.2
apple iphone os 1.1.1
apple iphone os 2.0
apple iphone os
apple iphone os 3.1.2
apple iphone os 3.1
apple iphone os 2.0.2
apple iphone os 2.0.1
apple iphone os 1.1.0
apple iphone os 1.0.2
apple iphone os 4.0.2
apple iphone os 4.0.1
apple iphone os 3.0.1
apple iphone os 3.0
apple iphone os 2.0.0
apple iphone os 1.1.5
apple iphone os 1.0.1
apple iphone os 1.0.0

CWE-200 http://support.apple.com/kb/HT4456 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://www.securitytracker.com/id?1024771 http://www.vupen.com/english/advisories/2010/3046 http://secunia.com/advisories/42314 https://exchange.xforce.ibmcloud.com/vulnerabilities/63420 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3831

Vulnerability Summary

References

Vulmon Search

About

Products

Connect