Vulnerabilities > Apple > Iphone OS > 4.2.10

DATE CVE VULNERABILITY TITLE RISK
2016-02-07 CVE-2016-0802 Improper Input Validation vulnerability in multiple products
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
low complexity
google apple CWE-20
8.3
2016-02-07 CVE-2016-0801 Improper Input Validation vulnerability in multiple products
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
low complexity
apple google CWE-20
8.3
2016-02-01 CVE-2016-1730 Information Exposure vulnerability in Apple Iphone OS
WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.
network
apple CWE-200
5.8
2016-02-01 CVE-2016-1728 Information Exposure vulnerability in Apple Iphone OS and Safari
The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site.
network
apple CWE-200
4.3
2016-02-01 CVE-2016-1727 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.
network
apple webkitgtk CWE-119
critical
9.3
2016-02-01 CVE-2016-1726 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Watchos
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.
network
apple CWE-119
critical
9.3
2016-02-01 CVE-2016-1725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Watchos
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.
network
apple CWE-119
critical
9.3
2016-02-01 CVE-2016-1724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
6.8
2016-02-01 CVE-2016-1723 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Watchos
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.
network
apple CWE-119
critical
9.3
2016-02-01 CVE-2016-1722 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.2