Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAppleCVELIST:CVE-2011-0228
HistoryAug 29, 2011 - 8:00 p.m.

CVE-2011-0228

2011-08-2920:00:00
apple
raw.githubusercontent.com
1

5.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.4%

JSON

The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.

Related

prion 1
seebug 1
securityvulns 4
cve 1
prion
prion
Design/Logic Flaw
2011-08-29 20:55:00
seebug
seebug
Apple iOS "basicConstraints" X.509证书链验证漏洞
2011-07-28 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone
2011-07-26 00:00:00
APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update
2011-07-26 00:00:00
TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain
2011-07-26 00:00:00
cve
cve
CVE-2011-0228
2011-08-29 20:55:00

5.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.4%

JSON
Related for CVELIST:CVE-2011-0228
prion1seebug1securityvulns4cve1