Vulnerabilities > Apple > Iphone OS > 1.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-11-25 | CVE-2008-4230 | Information Exposure vulnerability in Apple Iphone OS The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. | 1.9 |
2008-11-25 | CVE-2008-4229 | Race Condition vulnerability in Apple Iphone OS Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. | 3.7 |
2008-11-25 | CVE-2008-4228 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. | 3.6 |
2008-11-25 | CVE-2008-4227 | Cryptographic Issues vulnerability in Apple Iphone OS Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. | 7.5 |
2008-11-25 | CVE-2008-1586 | Resource Management Errors vulnerability in Apple Iphone OS ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. | 7.1 |
2008-10-10 | CVE-2008-4211 | Numeric Errors vulnerability in Apple Iphone OS, mac OS X and mac OS X Server Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." | 10.0 |
2008-08-27 | CVE-2008-3281 | XML Entity Expansion vulnerability in multiple products libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document. | 6.5 |
2008-01-16 | CVE-2008-0034 | Unspecified vulnerability in Apple Iphone and Iphone OS Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls. | 4.6 |
2007-09-27 | CVE-2007-3755 | Improper Input Validation vulnerability in Apple Iphone and Iphone OS Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number. | 4.3 |
2007-09-27 | CVE-2007-3754 | Improper Authentication vulnerability in Apple Iphone and Iphone OS Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack. | 4.3 |