Unrated severityNVD Advisory· Published Sep 27, 2007· Updated Apr 23, 2026

CVE-2007-3754

Description

Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.

Affected products

Apple Inc./Iphone Os2 versions
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
Apple Inc./iPhone
cpe:2.3:h:apple:iphone:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2007/Sep/msg00001.htmlnvdPatch
docs.info.apple.com/article.htmlnvd
osvdb.org/38537nvd
secunia.com/advisories/26983nvd
securitytracker.com/idnvd
www.securityfocus.com/bid/25856nvd
www.vupen.com/english/advisories/2007/3287nvd
exchange.xforce.ibmcloud.com/vulnerabilities/36845nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000