Vulnerabilities > Apple > Iphone OS > 4.2.10

DATE CVE VULNERABILITY TITLE RISK
2016-03-24 CVE-2016-1779 Information Exposure vulnerability in Apple Iphone OS and Safari
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request.
network
apple CWE-200
4.3
2016-03-24 CVE-2016-1778 Resource Management Errors vulnerability in Apple Iphone OS and Safari
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
apple CWE-399
critical
9.3
2016-03-24 CVE-2016-1775 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
network
apple CWE-119
critical
9.3
2016-03-24 CVE-2016-1766 Unspecified vulnerability in Apple Iphone OS
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
network
low complexity
apple
5.0
2016-03-24 CVE-2016-1763 Improper Input Validation vulnerability in Apple Iphone OS
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing a crafted sms: URL and reading a thread.
network
apple CWE-20
3.5
2016-03-24 CVE-2016-1762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
5.8
2016-03-24 CVE-2016-1761 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Watchos
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
network
low complexity
apple CWE-119
critical
10.0
2016-03-24 CVE-2016-1758 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.
network
apple CWE-119
4.3
2016-03-24 CVE-2016-1757 Race Condition vulnerability in Apple Iphone OS and mac OS X
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-362
critical
9.3
2016-03-24 CVE-2016-1756 Unspecified vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
network
apple
critical
9.3