Vulnerabilities > Apple > Iphone OS > 8.1.2

DATE CVE VULNERABILITY TITLE RISK
2015-08-17 CVE-2015-5757 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via an app that uses a crafted syscall to interfere with locking.
network
apple CWE-119
critical
9.3
2015-08-17 CVE-2015-5756 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.
network
apple CWE-119
6.8
2015-08-17 CVE-2015-5755 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
network
apple CWE-119
6.8
2015-08-17 CVE-2015-5752 Link Following vulnerability in Apple Iphone OS
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
network
low complexity
apple CWE-59
5.0
2015-08-17 CVE-2015-5749 Information Exposure vulnerability in Apple Iphone OS
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app.
network
apple CWE-200
4.3
2015-08-17 CVE-2015-5748 Code vulnerability in Apple Iphone OS, mac OS X and Safari
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
local
low complexity
apple CWE-17
2.1
2015-08-17 CVE-2015-5746 Improper Access Control vulnerability in Apple Iphone OS
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
network
low complexity
apple CWE-284
5.0
2015-08-17 CVE-2015-3807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
network
apple CWE-119
4.3
2015-08-17 CVE-2015-3806 Improper Access Control vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
local
low complexity
apple CWE-284
7.2
2015-08-17 CVE-2015-3805 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
local
low complexity
apple CWE-20
7.2