Vulnerabilities > Apple > Iphone OS > 1.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-20 | CVE-2012-3729 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface. | 1.9 |
| 2012-09-20 | CVE-2012-3728 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls. | 6.9 |
| 2012-09-20 | CVE-2012-3727 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbitrary code via a crafted racoon configuration file. | 6.8 |
| 2012-09-20 | CVE-2012-3726 | Resource Management Errors vulnerability in Apple Iphone OS Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | 6.8 |
| 2012-09-20 | CVE-2012-3725 | Information Exposure vulnerability in Apple Iphone OS The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets containing a MAC address of a host on a previously used network, which might allow remote attackers to obtain sensitive information about previous device locations by sniffing an unencrypted Wi-Fi network for these packets. | 3.3 |
| 2012-09-20 | CVE-2012-3724 | Information Exposure vulnerability in Apple Iphone OS CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL. | 5.0 |
| 2012-09-20 | CVE-2012-3722 | Resource Management Errors vulnerability in Apple Iphone OS, mac OS X and mac OS X Server The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | 6.8 |
| 2012-09-13 | CVE-2012-3701 | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 9.3 |
| 2012-09-13 | CVE-2012-3687 | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 9.3 |
| 2012-09-13 | CVE-2012-3632 | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 9.3 |