CVE-2015-3756 Information

Description

The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.

Reference

http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://www.securityfocus.com/bid/76337 http://www.securitytracker.com/id/1033275 https://support.apple.com/kb/HT205030