Latest Apple Iphone OS 3 2 1 Security Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2010-08-16 CVE-2010-1797 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe.
Critical
2010-06-22 CVE-2010-1757 Unspecified vulnerability in Apple Iphone OS
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
Medium
2010-06-22 CVE-2010-1756 Unspecified vulnerability in Apple Iphone OS
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network.
Medium
2010-06-22 CVE-2010-1755 Unspecified vulnerability in Apple Iphone OS
Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.
Medium
2010-06-22 CVE-2010-1754 Unspecified vulnerability in Apple Iphone OS
Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors.
Medium
2010-06-22 CVE-2010-1753 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
Medium
2010-06-22 CVE-2010-1752 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.
Medium
2010-06-22 CVE-2010-1751 Unspecified vulnerability in Apple Iphone OS
Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.
Medium
2010-06-18 CVE-2010-1387 Unspecified vulnerability in Apple Iphone OS and Itunes
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.
Critical