CVE-2008-4232

Sažetak

Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.

Reference

http://support.apple.com/kb/HT3318
http://www.securityfocus.com/bid/32394
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
http://secunia.com/advisories/32756
http://osvdb.org/50029
http://www.securitytracker.com/id?1021272
http://www.vupen.com/english/advisories/2008/3232

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

09-08-2022 - 13:48

Objavljeno

25-11-2008 - 23:30