CVE-2010-1757

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
22/06/2010
Last modified:
11/04/2025

Description

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* 4.0 (excluding)
cpe:2.3:h:apple:ipod_touch:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*