CVE-2008-4230

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 1.0 through 2.1 iPhone OS for iPod touch versions 1.1 through 2.1

Description: The Passcode Lock feature displays SMS messages when the emergency-call screen is visible. This allows physically proximate attackers to obtain sensitive information by reading these messages.

Recommendations: For Apple iPhone OS versions 1.0 through 2.1, consider disabling the Passcode Lock feature or restricting access to the emergency-call screen to minimize the risk of exploitation. For iPhone OS for iPod touch versions 1.1 through 2.1, consider disabling the Passcode Lock feature or restricting access to the emergency-call screen to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.