Lucene search
HistorySep 09, 2010 - 10:00 p.m.
CVE-2010-1810
facetime
apple ios
vulnerability
man-in-the-middle
crafted certificates
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.9%
FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
Affected configurations
Node
appleiphone_osRange≤4.0.2
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
appleipod_touch
ORappleiphone_os
Related
prion
prion
Design/Logic Flaw
2010-09-09 22:00:00
cvelist
cvelist
CVE-2010-1810
2010-09-09 21:00:00
nvd
nvd
CVE-2010-1810
2010-09-09 22:00:01
securityvulns
securityvulns
Apple Webkit / Safari / Google Chrome multiple security vulnerabilities
2010-11-23 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.9%
Related for CVE-2010-1810