VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2013-1028Sep 16, 2013
    risk 0.00cvss epss 0.01

    The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate.

  • CVE-2013-1026Sep 16, 2013
    risk 0.00cvss epss 0.03

    Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.

  • CVE-2013-1025Sep 16, 2013
    risk 0.00cvss epss 0.03

    Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document.

  • CVE-2013-4616Jun 18, 2013
    risk 0.00cvss epss 0.01

    The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a…

  • CVE-2013-3955Jun 5, 2013
    risk 0.00cvss epss 0.00

    The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to cause a denial of service (memory corruption) or have unspecified other impact via…

  • CVE-2013-3954Jun 5, 2013
    risk 0.00cvss epss 0.00

    The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2)…

  • CVE-2013-3953Jun 5, 2013
    risk 0.00cvss epss 0.00

    The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.

  • CVE-2013-3951Jun 5, 2013
    risk 0.00cvss epss 0.00

    sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path…

  • CVE-2013-3950Jun 5, 2013
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.

  • CVE-2013-3948Jun 5, 2013
    risk 0.00cvss epss 0.02

    Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services://…

  • CVE-2013-1019May 24, 2013
    risk 0.00cvss epss 0.06

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

  • CVE-2013-1010May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1008May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1007May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1006May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1005May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1004May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1003May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1002May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

  • CVE-2013-1001May 20, 2013
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs…

Page 86 of 103