VYPR

iPhone Mail

by Apple Inc.

CVEs (2)

  • CVE-2009-3273Sep 21, 2009
    risk 0.00cvss epss 0.01

    iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.

  • CVE-2007-3754Sep 27, 2007
    risk 0.00cvss epss 0.02

    Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.