CVE-2010-1757

CVE Database · CVE-2010-1757

CVE-2010-1757

· N/AModified

CVSS v3.1

N/A

EPSS

3.64%

Published

Jun 22, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.

Weaknesses (CWE)

CWE-264

Affected Products (3)

apple · iphone_os (up to 4.0)vulnerable

apple · ipod_touch

apple · iphone_os

References (20)

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Mailing ListVendor Advisory

http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html

Mailing ListVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Mailing ListThird Party Advisory

http://secunia.com/advisories/42314

Third Party Advisory

http://secunia.com/advisories/43068

Third Party Advisory

http://support.apple.com/kb/HT4225

KEV Catalog EPSS Scores Vendors All CVEs