Apple · Uikit · CVE-2009-2796
**Name of the Vulnerable Software and Affected Versions**
Apple iPhone OS versions 3.0 through 3.0.1
Apple iPhone OS version 3.0 for iPod touch
**Description**
The issue allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password, specifically affecting the UIKit component.
**Recommendations**
For Apple iPhone OS versions 3.0 through 3.0.1, consider using a secure method to enter passwords, avoiding the undo feature for password input.
For Apple iPhone OS version 3.0 for iPod touch, use an alternative, secure password entry method to minimize the risk of password discovery.