Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2796

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2009-2796
Last Modified 22 Oct 2012 11:09:56
Published 10 Sep 2009 05:30:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-2796

Summary

The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.

Vulnerable Systems

Operating System

  • Apple Iphone Os 3.0

  • Apple Iphone Os 3.0.1


References

CONFIRM - http://support.apple.com/kb/HT3860

APPLE - APPLE-SA-2009-09-09-1

SECUNIA - 36677

XF - ipod-iphone-password-info-disclosure(53185)

BID - 36335


Last Updated: 27 May 2016 10:51:45