This article has been archived and is no longer updated by Apple.

About the security content of iPhone v2.0 and iPod touch v2.0

This document describes the security content of iPhone v2.0 and iPod touch v2.0.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see "Apple Security Updates."

iPhone v2.0 and iPod touch v2.0

  • CFNetwork

    CVE-ID: CVE-2008-0050

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: A malicious proxy server may spoof secure websites

    Description: A malicious HTTPS proxy server may return arbitrary data to CFNetwork in a 502 Bad Gateway error, which could allow a secure website to be spoofed. This update addresses the issue by not returning the proxy-supplied data on an error condition.

  • Kernel

    CVE-ID: CVE-2008-0177

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: A remote attacker may be able to cause an unexpected device reset

    Description: An undetected failure condition exists in the handling of packets with an IPComp header. Sending a maliciously crafted packet to a system configured to use IPSec or IPv6 may cause an unexpected device reset. This update addresses the issue by properly detecting the failure condition.

  • Safari

    CVE-ID: CVE-2008-1588

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Unicode ideographic spaces may be used to spoof a website

    Description: When Safari displays the current URL in the address bar, Unicode ideographic spaces are rendered. This allows a maliciously crafted website to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by not rendering Unicode ideographic spaces in the address bar.

  • Safari

    CVE-ID: CVE-2008-1589

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information

    Description: When Safari accesses a website that uses a self-signed or invalid certificate, it prompts the user to accept or reject the certificate. If the user presses the menu button while at the prompt, then on the next visit to the site, the certificate is accepted with no prompt. This may lead to the disclosure of sensitive information. This update addresses the issue through improved handling of certificates. Credit to Hiromitsu Takagi for reporting this issue.

  • Safari

    CVE-ID: CVE-2008-2303

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A signedness issue in Safari's handling of JavaScript array indices may result in an out-of-bounds memory access. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript array indices. Credit to SkyLined of Google for reporting this issue.

  • Safari

    CVE-ID: CVE-2006-2783

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to cross-site scripting

    Description: Safari ignores Unicode byte order mark sequences when parsing web pages. Certain websites and web content filters attempt to sanitize input by blocking specific HTML tags. This approach to filtering may be bypassed and lead to cross-site scripting when encountering maliciously-crafted HTML tags containing byte order mark sequences. This update addresses the issue through improved handling of byte order mark sequences. Credit to Chris Weber of Casaba Security, LLC for reporting this issue.

  • Safari

    CVE-ID: CVE-2008-2307

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue exists in WebKit's handling of JavaScript arrays. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to James Urquhart for reporting this issue.

  • Safari

    CVE-ID: CVE-2008-2317

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue exists in WebCore's handling of style sheet elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved garbage collection. Credit to an anonymous researcher working with the TippingPoint Zero Day Initiative for reporting this issue.

  • Safari

    CVE-ID: CVE-2007-6284

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Processing an XML document may lead to a denial of service

    Description: A memory consumption issue exists in the handling of XML documents containing invalid UTF-8 sequences, which may lead to a denial of service. This update addresses the issue by updating the libxml2 system library to version 2.6.16.

  • Safari

    CVE-ID: CVE-2008-1767

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Processing an XML document may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue exists in the libxslt library. Viewing a maliciously crafted HTML page may lead to an unexpected application termination or arbitrary code execution. Further information on the patch applied is available via the xmlsoft.org website http://xmlsoft.org/XSLT/ Credit to Anthony de Almeida Lopes of Outpost24 AB, and Chris Evans of Google Security Team for reporting this issue.

  • WebKit

    CVE-ID: CVE-2008-1590

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue exists in JavaScriptCore's handling of runtime garbage collection. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved garbage collection. Credit to Itzik Kotler and Jonathan Rom of Radware for reporting this issue.

  • WebKit

    CVE-ID: CVE-2008-1025

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Accessing a maliciously crafted URL may result in cross-site scripting

    Description: An issue exists in WebKit's handling of URLs containing a colon character in the host name. Accessing a maliciously crafted URL may lead to a cross-site scripting attack. This update addresses the issue through improved handling of URLs. Credit to Robert Swiecki of the Google Security Team, and David Bloom for reporting this issue.

  • WebKit

    CVE-ID: CVE-2008-1026

    Available for: iPhone v1.0 through v1.1.4, iPod touch v1.1 through v1.1.4

    Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution

    Description: A heap buffer overflow exists in WebKit's handling of JavaScript regular expressions. The issue may be triggered via JavaScript when processing regular expressions with large, nested repetition counts. This may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller of Independent Security Evaluators for reporting this issue.

Important: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.

Published Date: