CVE-2009-1680

Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
cpe:2.3:h:apple:ipod_touch:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:03

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html - Vendor Advisory () http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html - Vendor Advisory
References () http://osvdb.org/55240 - () http://osvdb.org/55240 -
References () http://support.apple.com/kb/HT3639 - Patch, Vendor Advisory () http://support.apple.com/kb/HT3639 - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/35414 - () http://www.securityfocus.com/bid/35414 -
References () http://www.securityfocus.com/bid/35448 - () http://www.securityfocus.com/bid/35448 -
References () http://www.vupen.com/english/advisories/2009/1621 - () http://www.vupen.com/english/advisories/2009/1621 -

09 Aug 2022, 13:48

Type Values Removed Values Added
CPE cpe:2.3:h:apple:iphone:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Information

Published : 2009-06-19 16:30

Updated : 2024-11-21 01:03


NVD link : CVE-2009-1680

Mitre link : CVE-2009-1680

CVE.ORG link : CVE-2009-1680


JSON object : View

Products Affected

apple

  • ipod_touch
  • iphone_os
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor