Stefan Seiz

**Name of the Vulnerable Software and Affected Versions** Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 **Description** The issue concerns the Mail component, which does not offer an option to disable remote image loading in HTML emails. This allows remote attackers to determine the device's address and when an email is read by sending an HTML email that contains an image URL. **Recommendations** For Apple iPhone OS versions 1.0 through 2.2.1, consider disabling HTML email rendering until a fix is available. For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, consider disabling HTML email rendering until a fix is available.