Vulnerabilities > Apple > Iphone OS > 1.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-20 | CVE-2012-3737 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, which allows physically proximate attackers to view arbitrary stored photos by spoofing a time value. | 2.1 |
| 2012-09-20 | CVE-2012-3736 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypass an intended passcode requirement via vectors related to ending a FaceTime call. | 4.6 |
| 2012-09-20 | CVE-2012-3735 | Information Exposure vulnerability in Apple Iphone OS The Passcode Lock implementation in Apple iOS before 6 does not properly interact with the "Slide to Power Off" feature, which allows physically proximate attackers to see the most recently used third-party app by watching the device's screen. | 2.1 |
| 2012-09-20 | CVE-2012-3734 | Cryptographic Issues vulnerability in Apple Iphone OS Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content. | 1.9 |
| 2012-09-20 | CVE-2012-3733 | Information Exposure vulnerability in Apple Iphone OS Messages in Apple iOS before 6, when multiple iMessage e-mail addresses are configured, does not ensure that a reply's sender address matches the recipient address of the original message, which allows remote attackers to obtain potentially sensitive information about alternate e-mail addresses in opportunistic circumstances by reading a reply. | 4.3 |
| 2012-09-20 | CVE-2012-3732 | Cryptographic Issues vulnerability in Apple Iphone OS Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, which allows remote attackers to spoof signed content via an e-mail message in which the From field does not match the signer's identity. | 6.4 |
| 2012-09-20 | CVE-2012-3731 | Security Bypass vulnerability in Apple iPhone/iPad/iPod touch Prior to iOS 6 Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. | 2.1 |
| 2012-09-20 | CVE-2012-3730 | Security Bypass vulnerability in Apple iPhone/iPad/iPod touch Prior to iOS 6 Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender. network apple | 4.3 |
| 2012-09-20 | CVE-2012-3729 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface. | 1.9 |
| 2012-09-20 | CVE-2012-3728 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls. | 6.9 |