Vulnerabilities > Apple > Iphone OS > 5.0

DATE CVE VULNERABILITY TITLE RISK
2015-07-03 CVE-2015-3722 7PK - Security Features vulnerability in Apple Iphone OS
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.
network
apple CWE-254
4.3
2015-07-03 CVE-2015-3721 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.
network
apple CWE-200
4.3
2015-07-03 CVE-2015-3719 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3717 Classic Buffer Overflow vulnerability in multiple products
Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
network
low complexity
sqlite apple CWE-120
7.5
2015-07-03 CVE-2015-3710 7PK - Security Features vulnerability in Apple Iphone OS and mac OS X
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
network
apple CWE-254
4.3
2015-07-03 CVE-2015-3703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3694 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3690 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.
network
apple CWE-200
4.3
2015-07-03 CVE-2015-3689 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.
network
apple CWE-119
6.8
2015-07-03 CVE-2015-3688 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.
network
apple CWE-119
6.8