Vulnerabilities > Apple > Iphone OS

DATE CVE VULNERABILITY TITLE RISK
2014-07-01 CVE-2014-1382 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1368 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1367 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1366 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1365 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1364 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1363 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1362 Buffer Errors vulnerability in Apple Iphone OS, Safari and Tvos
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.
network
apple CWE-119
6.8
6.8
2014-07-01 CVE-2014-1361 Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos
Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection.
network
low complexity
apple CWE-200
5.0
5.0
2014-07-01 CVE-2014-1360 Improper Input Validation vulnerability in Apple Iphone OS
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors.
local
low complexity
apple CWE-20
2.1
2.1