CVE-2008-4232

Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
applesafari
*
appleiphone_os
1.0
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.1
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.1
𝑥
= Vulnerable software versions
References
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
http://osvdb.org/50029
http://secunia.com/advisories/32756
http://support.apple.com/kb/HT3318
http://www.securityfocus.com/bid/32394
http://www.securitytracker.com/id?1021272
http://www.vupen.com/english/advisories/2008/3232
http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
http://osvdb.org/50029
http://secunia.com/advisories/32756
http://support.apple.com/kb/HT3318
http://www.securityfocus.com/bid/32394
http://www.securitytracker.com/id?1021272
http://www.vupen.com/english/advisories/2008/3232