An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream to iTunes sandbox web services by leveraging use of cleartext HTTP.
Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. El problema involucra al componente "iTunes Store". Esto permite a atacantes man-in-the-middle modificar la secuencia de datos cliente-servidor a los servicios web de aislamiento de iTunes aprovechando la utilización de HTTP en texto plano.
iOS 10.3 is now available and addresses code execution, information disclosure, denial of service, and various other vulnerabilities.
