CVE-2010-1757
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
Date published : 2010-06-22
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html