CVE-2010-3827
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.
Date published : 2010-11-26
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html