Difference between revisions of "IPhone Firmware Versions"
From ivc wiki
Jump to navigationJump to search
| Line 27: | Line 27: | ||
** Visiting a malicious website may result in cross-site scripting | ** Visiting a malicious website may result in cross-site scripting | ||
** JavaScript on websites may access or manipulate the contents of documents served over HTTPS | ** JavaScript on websites may access or manipulate the contents of documents served over HTTPS | ||
** New WiFi iTunes Music Store feature | |||
Revision as of 20:55, 9 October 2007
1.0.0 - 2007-06-29
- Initial production software version.
1.0.1 - 2007-07-31
- Minor update - Apple's changelog
- Visiting a malicious website may allow cross-site scripting.
- Viewing a maliciously crafted web page may lead to arbitrary code execution.
- Visiting a malicious website may allow cross-site requests.
- Look-alike characters in a URL could be used to masquerade a website.
1.0.2 - 2007-08-21
- Minor update - Changes unknown
1.1.1 - 2007-10-01
- Major update - [iPhone v1.0.1 Update Apple's changelog]
- An attacker within Bluetooth range may be able to cause an unexpected application termination or arbitrary code execution.
- Checking email over untrusted networks may lead to information disclosure via a man-in-the-middle attack.
- Following a telephone ("tel:") link in Mail will dial a phone number without confirmation.
- Visiting a malicious website may lead to the disclosure of URL contents.
- Visiting a malicious website may lead to unintended dialing or dialing a different number than expected.
- Visiting a malicious website may lead to cross-site scripting.
- Disabling JavaScript does not take effect until Safari is restarted
- Visiting a malicious website may result in cross-site scripting
- Visiting a malicious website may result in cross-site scripting
- JavaScript on websites may access or manipulate the contents of documents served over HTTPS
- New WiFi iTunes Music Store feature
