Vulnerabilities > Apple > Iphone OS > 4.2.10

DATE CVE VULNERABILITY TITLE RISK
2012-03-08 CVE-2012-0587 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.
network
apple CWE-79
4.3
2012-03-08 CVE-2012-0586 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.
network
apple CWE-79
4.3
2012-03-08 CVE-2012-0585 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
network
low complexity
apple CWE-264
5.0
2012-03-05 CVE-2011-3044 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.
6.8
2012-03-05 CVE-2011-3043 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.
6.8
2012-03-05 CVE-2011-3042 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.
6.8
2012-03-05 CVE-2011-3041 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.
6.8
2012-03-05 CVE-2011-3040 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
4.3
2012-03-05 CVE-2011-3039 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
6.8
2012-03-05 CVE-2011-3038 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
6.8