Vulnerabilities > Apple > Iphone OS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-18 | CVE-2015-3801 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Safari The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors. | 5.0 |
| 2015-09-18 | CVE-2014-8611 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. | 6.9 |
| 2015-08-17 | CVE-2015-5782 | Information Exposure vulnerability in Apple Iphone OS and mac OS X ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. | 4.3 |
| 2015-08-17 | CVE-2015-5781 | Information Exposure vulnerability in Apple Iphone OS and mac OS X ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecified data structure, which allows remote attackers to obtain sensitive information from process memory via a crafted PNG image. | 4.3 |
| 2015-08-17 | CVE-2015-5778 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5777. | 6.8 |
| 2015-08-17 | CVE-2015-5777 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-5778. | 6.8 |
| 2015-08-17 | CVE-2015-5773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted office document. | 6.8 |
| 2015-08-17 | CVE-2015-5770 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app. | 5.8 |
| 2015-08-17 | CVE-2015-5766 | Path Traversal vulnerability in Apple Iphone OS Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling. | 5.0 |
| 2015-08-17 | CVE-2015-5761 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Itunes and mac OS X CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755. | 6.8 |