CVE-2010-1810

FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.

Affected Software

Name	Vendor	Start Version	End Version
Iphone_os	Apple	*	4.0.2 (including)
Iphone_os	Apple	1.0.0 (including)	1.0.0 (including)
Iphone_os	Apple	1.0.1 (including)	1.0.1 (including)
Iphone_os	Apple	1.0.2 (including)	1.0.2 (including)
Iphone_os	Apple	1.1.0 (including)	1.1.0 (including)
Iphone_os	Apple	1.1.1 (including)	1.1.1 (including)
Iphone_os	Apple	1.1.2 (including)	1.1.2 (including)
Iphone_os	Apple	1.1.3 (including)	1.1.3 (including)
Iphone_os	Apple	1.1.4 (including)	1.1.4 (including)
Iphone_os	Apple	1.1.5 (including)	1.1.5 (including)
Iphone_os	Apple	2.0 (including)	2.0 (including)
Iphone_os	Apple	2.0.0 (including)	2.0.0 (including)
Iphone_os	Apple	2.0.1 (including)	2.0.1 (including)
Iphone_os	Apple	2.0.2 (including)	2.0.2 (including)
Iphone_os	Apple	2.1 (including)	2.1 (including)
Iphone_os	Apple	2.1.1 (including)	2.1.1 (including)
Iphone_os	Apple	2.2 (including)	2.2 (including)
Iphone_os	Apple	2.2.1 (including)	2.2.1 (including)
Iphone_os	Apple	3.0 (including)	3.0 (including)
Iphone_os	Apple	3.0.1 (including)	3.0.1 (including)
Iphone_os	Apple	3.1 (including)	3.1 (including)
Iphone_os	Apple	3.1.2 (including)	3.1.2 (including)
Iphone_os	Apple	3.1.3 (including)	3.1.3 (including)
Iphone_os	Apple	3.2 (including)	3.2 (including)
Iphone_os	Apple	3.2.1 (including)	3.2.1 (including)
Iphone_os	Apple	4.0 (including)	4.0 (including)
Iphone_os	Apple	4.0.1 (including)	4.0.1 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-1810
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References