CVE-2009-1680

Description

Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.

Affected products

Apple / iphone_os1.0.0 – 1.0.0
Apple / iphone_os1.0.1 – 1.0.1
Apple / iphone_os1.0.2 – 1.0.2
Apple / iphone_os1.1.0 – 1.1.0
Apple / iphone_os1.1.1 – 1.1.1
Apple / iphone_os1.1.2 – 1.1.2
Apple / iphone_os1.1.3 – 1.1.3
Apple / iphone_os1.1.4 – 1.1.4
Apple / iphone_os1.1.5 – 1.1.5
Apple / iphone_os2.0 – 2.0
Apple / iphone_os2.0.0 – 2.0.0
Apple / iphone_os2.0.1 – 2.0.1
Apple / iphone_os2.0.2 – 2.0.2
Apple / iphone_os2.1 – 2.1
Apple / iphone_os2.1.1 – 2.1.1
Apple / iphone_os2.2 – 2.2
Apple / iphone_os2.2.1 – 2.2.1
Apple / iphone_os
Apple / ipod_touch

References

VENDOR_ADVISORYhttp://support.apple.com/kb/HT3639
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/1621
MISChttp://www.securityfocus.com/bid/35414
MAILING_LISThttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
MISChttp://www.securityfocus.com/bid/35448
MISChttp://osvdb.org/55240