First published: Fri Jun 19 2009(Updated: )
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
iPhone OS | =1.0.0 | |
iPhone OS | =1.0.1 | |
iPhone OS | =1.0.2 | |
iPhone OS | =1.1.0 | |
iPhone OS | =1.1.1 | |
iPhone OS | =1.1.2 | |
iPhone OS | =1.1.3 | |
iPhone OS | =1.1.4 | |
iPhone OS | =1.1.5 | |
iPhone OS | =2.0 | |
iPhone OS | =2.0.0 | |
iPhone OS | =2.0.1 | |
iPhone OS | =2.0.2 | |
iPhone OS | =2.1 | |
iPhone OS | =2.1.1 | |
iPhone OS | =2.2 | |
iPhone OS | =2.2.1 | |
iPhone OS | ||
Apple iPod touch |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-1680 is classified as a medium severity vulnerability due to its potential to expose sensitive search history.
To fix CVE-2009-1680, users should update their iPhone or iPod touch to a more recent version of the iPhone OS that addresses this vulnerability.
CVE-2009-1680 affects users of Apple iPhone OS versions 1.0 through 2.2.1 and iPod touch OS versions 1.1 through 2.2.1.
CVE-2009-1680 allows physically proximate attackers to gain access to the search history of affected devices.
The implications of CVE-2009-1680 include unauthorized access to potentially sensitive information stored in the search history.