PT-2009-3542 · Apple · Ios+1
Aviv Raff
+8
·
Published
2009-06-19
·
Updated
2022-08-09
·
CVE-2009-0960
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apple iPhone OS versions 1.0 through 2.2.1
Apple iPhone OS for iPod touch versions 1.1 through 2.2.1
Description
The issue concerns the Mail component, which does not offer an option to disable remote image loading in HTML emails. This allows remote attackers to determine the device's address and when an email is read by sending an HTML email that contains an image URL.
Recommendations
For Apple iPhone OS versions 1.0 through 2.2.1, consider disabling HTML email rendering until a fix is available.
For Apple iPhone OS for iPod touch versions 1.1 through 2.2.1, consider disabling HTML email rendering until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ios
Ipod Touch