CVE-2012-0585
Description
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An issue in Apple iOS before 5.1 allows remote attackers to bypass Private Browsing privacy settings via JavaScript pushState or replaceState calls.
Vulnerability
The vulnerability resides in the Private Browsing feature of Safari in Apple iOS versions prior to 5.1. It allows web pages to bypass intended privacy settings by using JavaScript code that calls the pushState() or replaceState() methods of the History API. This can insert entries into the browsing history even when Private Browsing mode is active, undermining the feature's core purpose of not recording visited pages. The affected versions are iOS 5.0 and earlier.
Exploitation
An attacker can exploit this remotely by hosting a malicious webpage or injecting JavaScript into a legitimate page (e.g., via a cross-site scripting vulnerability). The user only needs to visit the crafted page while Private Browsing is enabled. No additional authentication or user interaction beyond visiting the page is required.
Impact
Successful exploitation allows the attacker to populate the user's browser history with arbitrary entries, defeating the privacy protections of Private Browsing. This can be used for user tracking, history-based attacks, or to leave traces of visited content despite the user's expectation of no history being recorded.
Mitigation
Apple addressed this vulnerability in iOS 5.1, released on March 7, 2012 [1]. Users should update their devices to iOS 5.1 or later to mitigate the issue. No workarounds are available for affected versions.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <5.1
- Range: <5.1
Patches
No patches discovered yet.
References
- lists.apple.com/archives/security-announce/2012/Mar/msg00001.html (nvd; Mailing List, Vendor Advisory)
- lists.apple.com/archives/security-announce/2012/Mar/msg00003.html (nvd; Mailing List, Vendor Advisory)
- secunia.com/advisories/48288 (nvd; Third Party Advisory)
- secunia.com/advisories/48377 (nvd; Third Party Advisory)
- www.securitytracker.com/id (nvd; Third Party Advisory, VDB Entry)
- exchange.xforce.ibmcloud.com/vulnerabilities/73871 (nvd; Third Party Advisory, VDB Entry)
- osvdb.org/79964 (nvd; Broken Link)