CVE-2009-2796 Information

Description

The UIKit component in Apple iPhone OS 3.0 and iPhone OS 3.0.1 for iPod touch allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.

Reference

http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://secunia.com/advisories/36677 http://support.apple.com/kb/HT3860 http://www.securityfocus.com/bid/36335 https://exchange.xforce.ibmcloud.com/vulnerabilities/53185