Apple Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2010-06-30 CVE-2010-1285 Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201.
network
adobe apple microsoft CWE-20
critical
9.3
2010-06-30 CVE-2010-1205 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
9.8
2010-06-25 CVE-2010-2454 Permissions, Privileges, and Access Controls vulnerability in Apple Safari
Apple Safari does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to CVE-2010-1206.
network
apple CWE-264
4.3
2010-06-24 CVE-2010-2441 Permissions, Privileges, and Access Controls vulnerability in Apple Webkit
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295.
network
apple CWE-264
4.3
2010-06-22 CVE-2010-2432 Resource Management Errors vulnerability in Apple Cups
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
network
low complexity
apple CWE-399
5.0
2010-06-22 CVE-2010-2431 Link Following vulnerability in Apple Cups
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
local
high complexity
apple CWE-59
2.6
2010-06-22 CVE-2010-1775 Race Condition vulnerability in Apple Iphone OS
Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot.
local
apple CWE-362
1.9
2010-06-22 CVE-2010-1757 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
network
low complexity
apple CWE-264
6.4
2010-06-22 CVE-2010-1756 Unspecified vulnerability in Apple Iphone OS
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network.
network
apple
5.8
2010-06-22 CVE-2010-1755 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS
Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.
network
apple CWE-264
4.3