Vulnerabilities > Apple > Iphone OS > 4.3.3

DATE CVE VULNERABILITY TITLE RISK
2012-03-08 CVE-2012-0593 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
network
apple CWE-119
critical
 9.3
9.3
2012-03-08 CVE-2012-0592 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
network
apple CWE-119
critical
 9.3
9.3
2012-03-08 CVE-2012-0591 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
network
apple CWE-119
critical
 9.3
9.3
2012-03-08 CVE-2012-0590 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation.
network
apple CWE-79
4.3
4.3
2012-03-08 CVE-2012-0589 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588.
network
apple CWE-79
4.3
4.3
2012-03-08 CVE-2012-0588 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589.
network
apple CWE-79
4.3
4.3
2012-03-08 CVE-2012-0587 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.
network
apple CWE-79
4.3
4.3
2012-03-08 CVE-2012-0586 Cross-Site Scripting vulnerability in Apple Iphone OS
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.
network
apple CWE-79
4.3
4.3
2012-03-08 CVE-2012-0585 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
network
low complexity
apple CWE-264
5.0
5.0
2012-03-05 CVE-2011-3044 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. 		6.8
6.8