Vulnerabilities > Apple > Iphone OS > 1.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-11 | CVE-2015-7046 | Information Exposure vulnerability in Apple products The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | 2.6 |
2015-12-11 | CVE-2015-7043 | Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7042. network apple | 4.3 |
2015-12-11 | CVE-2015-7042 | Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7041, and CVE-2015-7043. network apple | 4.3 |
2015-12-11 | CVE-2015-7041 | Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043. network apple | 4.3 |
2015-12-11 | CVE-2015-7040 | Multiple Security vulnerability in Apple Mac OS X/watchOS/iOS/tvOS The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043. network apple | 4.3 |
2015-12-11 | CVE-2015-7039 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038. | 6.8 |
2015-12-11 | CVE-2015-7038 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. | 6.8 |
2015-12-11 | CVE-2015-7037 | Path Traversal vulnerability in Apple Iphone OS Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | 5.0 |
2015-12-11 | CVE-2015-7001 | Permissions, Privileges, and Access Controls vulnerability in Apple products AppSandbox in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 mishandles hard links, which allows attackers to bypass Contacts access revocation via a crafted app. | 6.8 |
2015-11-22 | CVE-2015-7036 | Improper Input Validation vulnerability in Apple Iphone OS and mac OS X The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument. | 7.5 |