Vulnerabilities > Apple > Iphone OS > 6.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-05-20 | CVE-2013-1000 | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-05-20 | CVE-2013-0999 | Buffer Errors vulnerability in Apple Iphone OS and Itunes WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 9.3 |
2013-03-20 | CVE-2013-0981 | Unspecified vulnerability in Apple Iphone OS and Tvos The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code. | 7.2 |
2013-03-20 | CVE-2013-0980 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature. | 2.1 |
2013-03-20 | CVE-2013-0979 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink. | 1.9 |
2013-03-20 | CVE-2013-0978 | Information Exposure vulnerability in Apple Iphone OS and Tvos The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code. | 2.1 |
2013-03-20 | CVE-2013-0977 | Security Bypass vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments. | 4.6 |
2012-05-16 | CVE-2011-3102 | Numeric Errors vulnerability in Google Chrome Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | 6.8 |