CVE-2011-3432

The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog.

Affected Software

Name	Vendor	Start Version	End Version
Iphone_os	Apple	3.0 (including)	3.0 (including)
Iphone_os	Apple	3.1 (including)	3.1 (including)
Iphone_os	Apple	3.1.2 (including)	3.1.2 (including)
Iphone_os	Apple	3.1.3 (including)	3.1.3 (including)
Iphone_os	Apple	3.2 (including)	3.2 (including)
Iphone_os	Apple	3.2.1 (including)	3.2.1 (including)
Iphone_os	Apple	3.2.2 (including)	3.2.2 (including)
Iphone_os	Apple	4.0 (including)	4.0 (including)
Iphone_os	Apple	4.0.1 (including)	4.0.1 (including)
Iphone_os	Apple	4.0.2 (including)	4.0.2 (including)
Iphone_os	Apple	4.1 (including)	4.1 (including)
Iphone_os	Apple	4.2.1 (including)	4.2.1 (including)
Iphone_os	Apple	4.2.5 (including)	4.2.5 (including)
Iphone_os	Apple	4.2.8 (including)	4.2.8 (including)
Iphone_os	Apple	4.3.0 (including)	4.3.0 (including)
Iphone_os	Apple	4.3.1 (including)	4.3.1 (including)
Iphone_os	Apple	4.3.2 (including)	4.3.2 (including)
Iphone_os	Apple	4.3.3 (including)	4.3.3 (including)
Iphone_os	Apple	4.3.5 (including)	4.3.5 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3432
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References