CVE-2007-3754 Information

Description

Mail in Apple iPhone 1.1.1 when using SSL does not warn the user when the mail server changes or is not trusted which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.

Reference

http://docs.info.apple.com/article.html?artnum=306586 http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html http://osvdb.org/38537 http://secunia.com/advisories/26983 http://securitytracker.com/id?1018752 http://www.securityfocus.com/bid/25856 http://www.vupen.com/english/advisories/2007/3287 https://exchange.xforce.ibmcloud.com/vulnerabilities/36845