Difference between revisions of "IPhone Firmware Versions"
From ivc wiki
Jump to navigationJump to search
| Line 1: | Line 1: | ||
== 1.0.0 == | == 1.0.0 - 2007-06-29 == | ||
* Initial production software version. | * Initial production software version. | ||
== 1.0.1 == | == 1.0.1 - 2007-07-31 == | ||
* | * Minor update - [http://docs.info.apple.com/article.html?artnum=306173 Apple's changelog] | ||
* | ** Visiting a malicious website may allow cross-site scripting. | ||
** Viewing a maliciously crafted web page may lead to arbitrary code execution. | |||
** Visiting a malicious website may allow cross-site requests. | |||
** Look-alike characters in a URL could be used to masquerade a website. | |||
== 1.0.2 - 2007-08-21 == | |||
* Minor update - Changes unknown | |||
** Possibly fixing some multitouch issues for some. [http://cre.ations.net/blog/post/iphone-firmware-102-released-and-analyzed-hopes-for-new-features] | |||
** Possibly addressing some synchronization or activation issues. [http://cre.ations.net/blog/post/iphone-firmware-102-released-and-analyzed-hopes-for-new-features] | |||
** Reporting improvements to WiFi reception. | |||
== 1.1.1 - 2007-10-01 == | |||
* Major update - [iPhone v1.0.1 Update Apple's changelog] | |||
** An attacker within Bluetooth range may be able to cause an unexpected application termination or arbitrary code execution. | |||
** Checking email over untrusted networks may lead to information disclosure via a man-in-the-middle attack. | |||
** Following a telephone ("tel:") link in Mail will dial a phone number without confirmation. | |||
** Visiting a malicious website may lead to the disclosure of URL contents. | |||
** Visiting a malicious website may lead to unintended dialing or dialing a different number than expected. | |||
** Visiting a malicious website may lead to cross-site scripting. | |||
** Disabling JavaScript does not take effect until Safari is restarted | |||
** Visiting a malicious website may result in cross-site scripting | |||
** Visiting a malicious website may result in cross-site scripting | |||
** JavaScript on websites may access or manipulate the contents of documents served over HTTPS | |||
Revision as of 20:52, 9 October 2007
1.0.0 - 2007-06-29
- Initial production software version.
1.0.1 - 2007-07-31
- Minor update - Apple's changelog
- Visiting a malicious website may allow cross-site scripting.
- Viewing a maliciously crafted web page may lead to arbitrary code execution.
- Visiting a malicious website may allow cross-site requests.
- Look-alike characters in a URL could be used to masquerade a website.
1.0.2 - 2007-08-21
- Minor update - Changes unknown
1.1.1 - 2007-10-01
- Major update - [iPhone v1.0.1 Update Apple's changelog]
- An attacker within Bluetooth range may be able to cause an unexpected application termination or arbitrary code execution.
- Checking email over untrusted networks may lead to information disclosure via a man-in-the-middle attack.
- Following a telephone ("tel:") link in Mail will dial a phone number without confirmation.
- Visiting a malicious website may lead to the disclosure of URL contents.
- Visiting a malicious website may lead to unintended dialing or dialing a different number than expected.
- Visiting a malicious website may lead to cross-site scripting.
- Disabling JavaScript does not take effect until Safari is restarted
- Visiting a malicious website may result in cross-site scripting
- Visiting a malicious website may result in cross-site scripting
- JavaScript on websites may access or manipulate the contents of documents served over HTTPS
