CVE-2008-4231 Information

Description

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.

Reference

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://osvdb.org/50028 http://secunia.com/advisories/32756 http://secunia.com/advisories/35379 http://support.apple.com/kb/HT3318 http://support.apple.com/kb/HT3613 http://www.fortiguardcenter.com/advisory/FGA-2009-23.html http://www.securityfocus.com/archive/1/504211/100/0/threaded http://www.securityfocus.com/bid/32394 http://www.securitytracker.com/id?1021272 http://www.vupen.com/english/advisories/2008/3232 http://www.vupen.com/english/advisories/2009/1522