Vulnerabilities > Apple > Iphone OS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-19 | CVE-2013-5140 | Improper Input Validation vulnerability in Apple Iphone OS The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment. | 7.8 |
| 2013-09-19 | CVE-2013-5139 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds array access) via a crafted application. | 9.3 |
| 2013-09-19 | CVE-2013-5138 | Denial of Service vulnerability in Apple iPhone/iPad/iPod touch Prior to iOS 7 IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application. local apple | 4.7 |
| 2013-09-19 | CVE-2013-5137 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS IOKit in Apple iOS before 7 allows attackers to send user-interface events to the foreground app by leveraging control over a background app and using the (1) task-completion API or (2) VoIP API. | 2.6 |
| 2013-09-19 | CVE-2013-5131 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
| 2013-09-19 | CVE-2013-5129 | Cross-Site Scripting vulnerability in Apple Iphone OS Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. | 4.3 |
| 2013-09-19 | CVE-2013-5128 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | 6.8 |
| 2013-09-19 | CVE-2013-5127 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | 6.8 |
| 2013-09-19 | CVE-2013-5126 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | 6.8 |
| 2013-09-19 | CVE-2013-5125 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | 6.8 |