Vulnerabilities > Apple > Iphone OS > 4.2.10

DATE CVE VULNERABILITY TITLE RISK
2015-12-11 CVE-2015-7079 Improper Input Validation vulnerability in Apple Iphone OS and Tvos
dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-20
critical
9.3
2015-12-11 CVE-2015-7075 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7074 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7073 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SSL handshake.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7072 Improper Input Validation vulnerability in Apple Iphone OS, Tvos and Watchos
dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
network
apple CWE-20
critical
9.3
2015-12-11 CVE-2015-7070 Unspecified vulnerability in Apple Iphone OS
Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7069.
network
apple
critical
9.3
2015-12-11 CVE-2015-7069 Unspecified vulnerability in Apple Iphone OS
Mobile Replayer in GPUTools Framework in Apple iOS before 9.2 allows attackers to execute arbitrary code in a privileged context via an app that provides a crafted pathname, a different vulnerability than CVE-2015-7070.
network
apple
critical
9.3
2015-12-11 CVE-2015-7068 NULL Pointer Dereference vulnerability in Apple products
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
network
apple CWE-476
critical
9.3
2015-12-11 CVE-2015-7066 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-7064.
network
apple CWE-119
6.8
2015-12-11 CVE-2015-7065 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
apple CWE-119
6.8