Vulnerabilities > Apple > Iphone OS > 1.1.4

DATE CVE VULNERABILITY TITLE RISK
2013-09-19 CVE-2013-1041 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1040 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1039 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1038 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1037 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1036 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
Safari in Apple iOS before 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-0957 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox.
network
apple CWE-264
5.8
2013-09-19 CVE-2011-2391 Improper Input Validation vulnerability in Apple Iphone OS, Itunes and mac OS X
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
low complexity
apple CWE-20
6.1
2013-09-16 CVE-2013-1028 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate.
network
apple CWE-20
5.8
2013-09-16 CVE-2013-1026 Buffer Errors vulnerability in Apple Iphone OS and mac OS X
Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
network
apple CWE-119
6.8