CVE-2009-1680

iPhone OS 1.0-2.2.1 and iPod touch 1.1-2.2.1 - Unauthorized Search History Exposure via Settings Clear

Title source: llm
STIX 2.1

Description

Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.

References (6)

Core 6
Core References
Patch, Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT3639
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1621
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35414
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35448
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/55240

Scores

EPSS 0.0038
EPSS Percentile 29.9%

Details

CWE
CWE-200
Status published
Products (19)
apple/iphone_os 1.0.0
apple/iphone_os 1.0.1
apple/iphone_os 1.0.2
apple/iphone_os 1.1.0
apple/iphone_os 1.1.1
apple/iphone_os 1.1.2
apple/iphone_os 1.1.3
apple/iphone_os 1.1.4
apple/iphone_os 1.1.5
apple/iphone_os 2.0
... and 9 more
Published Jun 19, 2009
Tracked Since Feb 18, 2026