Apple · Ios · CVE-2011-3253
**Name of the Vulnerable Software and Affected Versions**
Apple iOS versions prior to 5
**Description**
The issue concerns the validation of X.509 certificates for SSL sessions in CalDAV. Specifically, it allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate.
**Recommendations**
For Apple iOS versions prior to 5, update to version 5 or later to resolve the issue.