CVE-2008-4232 Information

Description

Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME’s content display to the boundaries of the IFRAME which allows remote attackers to spoof a user interface via a crafted HTML document.

Reference

http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://osvdb.org/50029 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/32394 http://www.securitytracker.com/id?1021272 http://www.vupen.com/english/advisories/2008/3232