Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ipod_touch | Apple | * | * |
| Iphone_os | Apple | * | * |
References
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://osvdb.org/50028
- http://secunia.com/advisories/32756
- http://secunia.com/advisories/35379
- http://support.apple.com/kb/HT3318
- http://support.apple.com/kb/HT3613
- http://www.fortiguardcenter.com/advisory/FGA-2009-23.html
- http://www.securityfocus.com/archive/1/504211/100/0/threaded
- http://www.securityfocus.com/bid/32394
- http://www.securitytracker.com/id?1021272
- http://www.vupen.com/english/advisories/2008/3232
- http://www.vupen.com/english/advisories/2009/1522
- http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
- http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
- http://osvdb.org/50028
- http://secunia.com/advisories/32756
- http://secunia.com/advisories/35379
- http://support.apple.com/kb/HT3318
- http://support.apple.com/kb/HT3613
- http://www.fortiguardcenter.com/advisory/FGA-2009-23.html
- http://www.securityfocus.com/archive/1/504211/100/0/threaded
- http://www.securityfocus.com/bid/32394
- http://www.securitytracker.com/id?1021272
- http://www.vupen.com/english/advisories/2008/3232
- http://www.vupen.com/english/advisories/2009/1522