CVE-2007-3754

CVE Database · CVE-2007-3754

CVE-2007-3754

· N/AModified

CVSS v3.1

N/A

EPSS

1.84%

Published

Sep 27, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack.

Weaknesses (CWE)

CWE-287

Affected Products (3)

apple · iphonevulnerable

apple · iphone_osvulnerable

References (16)

http://docs.info.apple.com/article.html?artnum=306586

http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html

Patch

http://osvdb.org/38537

http://secunia.com/advisories/26983

http://securitytracker.com/id?1018752

http://www.securityfocus.com/bid/25856

http://www.vupen.com/english/advisories/2007/3287

https://exchange.xforce.ibmcloud.com/vulnerabilities/36845

http://docs.info.apple.com/article.html?artnum=306586

http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html

Patch

http://osvdb.org/38537

KEV Catalog EPSS Scores Vendors All CVEs