Latest Apple Iphone OS 3 2 1 Security Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2010-11-26 CVE-2010-3827 Improper Input Validation vulnerability in Apple Iphone OS
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.
Medium
2010-09-09 CVE-2010-1817 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
Medium
2010-09-09 CVE-2010-1815 Unspecified vulnerability in multiple products
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
Medium
2010-09-09 CVE-2010-1814 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
Medium
2010-09-09 CVE-2010-1813 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
Medium
2010-09-09 CVE-2010-1812 Unspecified vulnerability in multiple products
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.
Medium
2010-09-09 CVE-2010-1811 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
Medium
2010-09-09 CVE-2010-1810 Unspecified vulnerability in Apple Iphone OS
FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
Low
2010-09-09 CVE-2010-1809 Unspecified vulnerability in Apple Iphone OS
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
Critical
2010-09-09 CVE-2010-1781 Unspecified vulnerability in multiple products
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
Medium