Lucene search

K
cve[email protected]CVE-2010-1810
HistorySep 09, 2010 - 10:00 p.m.

CVE-2010-1810

2010-09-0922:00:01
web.nvd.nist.gov
20
facetime
apple ios
vulnerability
man-in-the-middle
crafted certificates

5.6 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.8%

FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.

Affected configurations

NVD
Node
appleiphone_osRange4.0.2
OR
appleiphone_osMatch1.0.0
OR
appleiphone_osMatch1.0.1
OR
appleiphone_osMatch1.0.2
OR
appleiphone_osMatch1.1.0
OR
appleiphone_osMatch1.1.1
OR
appleiphone_osMatch1.1.2
OR
appleiphone_osMatch1.1.3
OR
appleiphone_osMatch1.1.4
OR
appleiphone_osMatch1.1.5
OR
appleiphone_osMatch2.0
OR
appleiphone_osMatch2.0.0
OR
appleiphone_osMatch2.0.1
OR
appleiphone_osMatch2.0.2
OR
appleiphone_osMatch2.1
OR
appleiphone_osMatch2.1.1
OR
appleiphone_osMatch2.2
OR
appleiphone_osMatch2.2.1
OR
appleiphone_osMatch3.0
OR
appleiphone_osMatch3.0.1
OR
appleiphone_osMatch3.1
OR
appleiphone_osMatch3.1.2
OR
appleiphone_osMatch3.1.3
OR
appleiphone_osMatch3.2
OR
appleiphone_osMatch3.2.1
OR
appleiphone_osMatch4.0
OR
appleiphone_osMatch4.0.1
AND
appleipod_touch
OR
appleiphone_os

5.6 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.8%

Related for CVE-2010-1810