CVE-2011-0228

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 4.2.10 Apple iOS versions 4.3.x prior to 4.3.5

Description The issue concerns the Data Security component's failure to check the basicConstraints parameter during the validation of X.509 certificate chains. This allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.

Recommendations For Apple iOS versions prior to 4.2.10, update to version 4.2.10 or later. For Apple iOS versions 4.3.x prior to 4.3.5, update to version 4.3.5 or later.