Vulnerabilities > Apple > Iphone OS > 1.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-19 | CVE-2010-2807 | Incorrect Conversion Between Numeric Types vulnerability in multiple products FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2805 | Improper Input Validation vulnerability in multiple products The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-16 | CVE-2010-1797 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. | 9.3 |
| 2010-06-22 | CVE-2010-1775 | Race Condition vulnerability in Apple Iphone OS Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. | 1.9 |
| 2010-06-22 | CVE-2010-1757 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. | 6.4 |
| 2010-06-22 | CVE-2010-1756 | Unspecified vulnerability in Apple Iphone OS The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. network apple | 5.8 |
| 2010-06-22 | CVE-2010-1755 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. | 4.3 |
| 2010-06-22 | CVE-2010-1754 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. | 6.9 |
| 2010-06-22 | CVE-2010-1753 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. | 6.8 |
| 2010-06-22 | CVE-2010-1752 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | 6.8 |