3 matches found
CVE-2011-0228
Affected software: Apple iOS prior to 4.2.10 and 4.3.x prior to 4.3.5. Vulnerability: The Data Security component does not check the basicConstraints parameter when validating X.509 certificate chains, allowing a non-CA certificate to sign a certificate for any domain. This enables a man-in-the-m...
TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain
Trustwave's SpiderLabs Security Advisory TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt Published: 2011-07-25 Version: 1.0 Vendor: Apple http://www.apple.com Product: iOS Version affected: Versions Prior to...
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone iOS 4.2.10 Software Update for iPhone is now available and addresses the following: Data Security Available for: iOS 4.2.5 through 4.2.9 for iPhone 4 CDMA Impact: An attacker with a privilege...