Vulnerability Description
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Iphone Os | 1.0.0 |
| Apple | Ipod Touch | All versions |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlVendor Advisory
- http://osvdb.org/55240
- http://support.apple.com/kb/HT3639PatchVendor Advisory
- http://www.securityfocus.com/bid/35414
- http://www.securityfocus.com/bid/35448
- http://www.vupen.com/english/advisories/2009/1621
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlVendor Advisory
- http://osvdb.org/55240
- http://support.apple.com/kb/HT3639PatchVendor Advisory
- http://www.securityfocus.com/bid/35414
- http://www.securityfocus.com/bid/35448
- http://www.vupen.com/english/advisories/2009/1621
FAQ
What is CVE-2009-1680?
CVE-2009-1680 is a vulnerability with a CVSS score of 2.1 (LOW). Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows phy...
How severe is CVE-2009-1680?
CVE-2009-1680 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1680?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Iphone Os, Apple Ipod Touch.