Vulnerabilities > Apple > Iphone OS > 4.2.10

DATE CVE VULNERABILITY TITLE RISK
2015-07-03 CVE-2015-3725 Resource Management Errors vulnerability in Apple Iphone OS
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.
network
apple CWE-399
4.3
2015-07-03 CVE-2015-3724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3723 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3722 7PK - Security Features vulnerability in Apple Iphone OS
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.
network
apple CWE-254
4.3
2015-07-03 CVE-2015-3721 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
network
apple CWE-200
4.3
2015-07-03 CVE-2015-3719 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3717 Classic Buffer Overflow vulnerability in multiple products
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
network
low complexity
sqlite apple CWE-120
7.5
2015-07-03 CVE-2015-3710 7PK - Security Features vulnerability in Apple Iphone OS and mac OS X
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
network
apple CWE-254
4.3
2015-07-03 CVE-2015-3703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3694 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.
network
apple CWE-119
6.8