Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4232

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-4232
Last Modified 07 Mar 2011 10:12:09
Published 25 Nov 2008 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4232

Summary

Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.

Vulnerable Systems

Operating System

  • Apple Iphone Os 1.0

  • Apple Iphone Os 1.0.1

  • Apple Iphone Os 1.0.2

  • Apple Iphone Os 1.1

  • Apple Iphone Os 1.1.1

  • Apple Iphone Os 1.1.2

  • Apple Iphone Os 1.1.3

  • Apple Iphone Os 1.1.4

  • Apple Iphone Os 1.1.5

  • Apple Iphone Os 2.0

  • Apple Iphone Os 2.0.1

  • Apple Iphone Os 2.0.2

  • Apple Iphone Os 2.1

Application

  • Apple Safari


References

VUPEN - ADV-2008-3232

SECTRACK - 1021272

BID - 32394

CONFIRM - http://support.apple.com/kb/HT3318

SECUNIA - 32756

OSVDB - 50029

APPLE - APPLE-SA-2008-11-20


Last Updated: 27 May 2016 10:48:26