CVE-2010-1226
iPhone OS 3.1 and 3.1.3 - Denial of Service via Crafted DIV innerHTML Property
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-1226. PoCs published by Chase Higgins.
AI-analyzed exploit summary This exploit is a Python script that acts as a web server to serve a malicious HTML page. The page triggers a crash in iPhone's Springboard, Safari, and Mail apps by exploiting a vulnerability with a malformed character string.
Description
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue.
Exploits (1)
This exploit is a Python script that acts as a web server to serve a malicious HTML page. The page triggers a crash in iPhone's Springboard, Safari, and Mail apps by exploiting a vulnerability with a malformed character string.