Vulnerabilities > Apple > Tvos > 5.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-11 | CVE-2015-7060 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X, Tvos and Watchos The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061. | 6.8 |
2015-12-11 | CVE-2015-7059 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X, Tvos and Watchos The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061. | 6.8 |
2015-12-11 | CVE-2015-7058 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. | 4.3 |
2015-12-11 | CVE-2015-7055 | Improper Access Control vulnerability in Apple Iphone OS and Tvos AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | 9.3 |
2015-12-11 | CVE-2015-7054 | Data Processing Errors vulnerability in Apple products zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site. | 6.8 |
2015-12-11 | CVE-2015-7053 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. | 6.8 |
2015-12-11 | CVE-2015-7051 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | 9.3 |
2015-12-11 | CVE-2015-7048 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | 6.8 |
2015-12-11 | CVE-2015-7047 | Improper Input Validation vulnerability in Apple products The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed. | 7.2 |
2015-12-11 | CVE-2015-7046 | Information Exposure vulnerability in Apple products The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges. | 2.6 |