Vulnerabilities > Apple > Tvos > 5.0.2

DATE CVE VULNERABILITY TITLE RISK
2013-12-18 CVE-2013-5196 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple products
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.
network
apple CWE-119
6.8
2013-03-20 CVE-2013-0981 Unspecified vulnerability in Apple Iphone OS and Tvos
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code.
local
low complexity
apple
7.2
2013-03-20 CVE-2013-0978 Information Exposure vulnerability in Apple Iphone OS and Tvos
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.
local
low complexity
apple CWE-200
2.1
2013-03-20 CVE-2013-0977 Security Bypass vulnerability in Apple Iphone OS and Tvos
dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.
local
low complexity
apple
4.6
2013-01-29 CVE-2013-0964 Improper Input Validation vulnerability in Apple Iphone OS and Tvos
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.
local
low complexity
apple CWE-20
3.6