(LiveHacking.Com) – Less than two weeks ago Apple released iOS 4.3.4 to fix a PDF vulnerability and now it has issued iOS 4.3.5 to patch a X.509 certificate validation vulnerability.
According to Apple the vulnerability allows an attacker with a privileged network position to capture or modify data in sessions protected by SSL/TLS.
A certificate chain validation issue existed in the handling of X.509 certificates. This issue is fix through improved validation of X.509 certificate chains.
iOS 4.3.5 is available for the iPhone 3GS & iPhone 4 (GSM model), the iPod touch (3rd generation and later) and the iPad & iPad 2.
