Vulnerabilities > Apple > Iphone OS > 3.2

DATE CVE VULNERABILITY TITLE RISK
2014-09-18 CVE-2014-4413 Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
network
apple CWE-119
6.8
2014-09-18 CVE-2014-4412 Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
network
apple CWE-119
6.8
2014-09-18 CVE-2014-4411 Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
network
apple CWE-119
6.8
2014-09-18 CVE-2014-4410 Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2.
network
apple CWE-119
6.8
2014-09-18 CVE-2014-4409 Information Exposure vulnerability in Apple Iphone OS
WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.
network
apple CWE-200
4.3
2014-09-18 CVE-2014-4408 Buffer Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
local
apple CWE-119
6.9
2014-09-18 CVE-2014-4407 Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls.
network
apple CWE-200
4.3
2014-09-18 CVE-2014-4405 NULL Pointer Dereference Remote Code Execution vulnerability in Apple Iphone OS, mac OS X and Tvos
IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.
network
apple
critical
9.3
2014-09-18 CVE-2014-4404 Out-of-bounds Write vulnerability in Apple Iphone OS and mac OS X
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
local
low complexity
apple CWE-787
7.8
2014-09-18 CVE-2014-4389 Numeric Errors vulnerability in Apple Iphone OS, mac OS X and Tvos
Integer overflow in IOKit in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted API arguments.
network
apple CWE-189
critical
9.3