VYPR

iOS

by Apple Inc.

CVEs (2,979)

  • CVE-2010-3828Nov 26, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad.

  • CVE-2010-3827Nov 26, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.

  • CVE-2010-1817Sep 9, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

  • CVE-2010-1815Sep 9, 2010
    Webkitgtk
    Webkitgtk
    risk 0.00cvss epss 0.06

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.

  • CVE-2010-1814Sep 9, 2010
    Webkitgtk
    Webkitgtk
    risk 0.00cvss epss 0.05

    WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

  • CVE-2010-1812Sep 9, 2010
    Webkitgtk
    Webkitgtk
    risk 0.00cvss epss 0.06

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

  • CVE-2010-1811Sep 9, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.04

    ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.

  • CVE-2010-1810Sep 9, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.

  • CVE-2010-1809Sep 9, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.

  • CVE-2010-1775Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot.

  • CVE-2010-1757Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.

  • CVE-2010-1756Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network.

  • CVE-2010-1755Jun 22, 2010
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.00

    Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.

  • CVE-2010-1754Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via…

  • CVE-2010-1753Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.02

    ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.

  • CVE-2010-1752Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.

  • CVE-2010-1751Jun 22, 2010
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.00

    Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.

  • CVE-2010-1407Jun 22, 2010
    Apple Inc.
    Webkit
    risk 0.00cvss epss 0.01

    WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document.

  • CVE-2010-1769Jun 18, 2010
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.06

    WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted…

Page 149 of 149