Vulnerabilities > Apple > Iphone OS > 3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-22 | CVE-2010-1756 | Unspecified vulnerability in Apple Iphone OS The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. network apple | 5.8 |
2010-06-22 | CVE-2010-1755 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. | 4.3 |
2010-06-22 | CVE-2010-1754 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. | 6.9 |
2010-06-22 | CVE-2010-1753 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. | 6.8 |
2010-06-22 | CVE-2010-1752 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | 6.8 |
2010-06-22 | CVE-2010-1751 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. | 5.0 |
2010-06-22 | CVE-2010-1407 | Information Exposure vulnerability in Apple Iphone OS WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document. | 4.3 |
2010-06-18 | CVE-2010-1387 | Resource Management Errors vulnerability in Apple Itunes Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | 9.3 |
2010-03-15 | CVE-2010-0050 | Use After Free vulnerability in multiple products Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags. | 8.8 |
2009-11-13 | CVE-2009-2816 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. | 6.8 |