Fd

**Name of the Vulnerable Software and Affected Versions** Apple iPhone OS versions 1.0 through 2.2.1 iPhone OS for iPod touch versions 1.1 through 2.2.1 **Description** The issue allows remote Exchange servers to obtain sensitive information, such as credentials, when the user accepts an untrusted Exchange server certificate. This causes the exception for a hostname to be stored, leading to the certificate being accepted without prompting in future usage. **Recommendations** For Apple iPhone OS versions 1.0 through 2.2.1, consider avoiding the use of untrusted Exchange server certificates until a fix is available. For iPhone OS for iPod touch versions 1.1 through 2.2.1, consider avoiding the use of untrusted Exchange server certificates until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.