VYPR

TV

by Apple Inc.

CVEs (149)

  • CVE-2014-1267Mar 14, 2014
    risk 0.00cvss epss 0.01

    The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed.

  • CVE-2013-0981Mar 20, 2013
    risk 0.00cvss epss 0.00

    The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code.

  • CVE-2013-0978Mar 20, 2013
    risk 0.00cvss epss 0.00

    The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.

  • CVE-2013-0977Mar 20, 2013
    risk 0.00cvss epss 0.00

    dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.

  • CVE-2013-0964Jan 29, 2013
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.

  • CVE-2011-3427Oct 14, 2011
    risk 0.00cvss epss 0.01

    The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted…

  • CVE-2011-3259Oct 14, 2011
    risk 0.00cvss epss 0.02

    The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resource consumption) by making many connection attempts.

  • CVE-2011-1418Mar 11, 2011
    risk 0.00cvss epss 0.01

    The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source…

  • CVE-2011-0162Mar 11, 2011
    risk 0.00cvss epss 0.03

    Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspecified traffic on the local wireless network.

Page 8 of 8