Rapid7 Vulnerability & Exploit Database

Apple iOS Vulnerability: CVE-2009-2199

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Apple iOS Vulnerability: CVE-2009-2199

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:P)

Published

08/12/2009

Created

07/25/2018

Added

10/08/2014

Modified

05/09/2019

Description

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.

Solution(s)

apple-ios-upgrade-latest

References

https://attackerkb.com/topics/cve-2009-2199
APPLE-SA-2009-08-11-1
APPLE-SA-2009-09-09-1
36026
CVE - 2009-2199
http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html
http://secunia.com/advisories/36677
http://secunia.com/advisories/43068
http://support.apple.com/kb/HT3733
http://www.vupen.com/english/advisories/2011/0212

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Apple iOS Vulnerability: CVE-2009-2199

Apple iOS Vulnerability: CVE-2009-2199

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.