CVSS: 6.8EPSS: 4%CPEs: 226EXPL: 0CVE-2012-5134 – libxml2: Heap-buffer-underflow in xmlParseAttValueComplex
https://notcve.org/view.php?id=CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. Desbordamiento de búfer basado en memoria dinámica en la función xmlParseAttValueComplex en parser.c en libxml2 2.9.0 y anteriores, como las usadas en Google Chrome anteriores a 23.0.1271.91,permite a atacantes remotos causar una denegación de servicio (cuelgue) o ejecutar código a través de una entidad manipulada en un fichero XML. • http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2013- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 20%CPEs: 111EXPL: 1CVE-2012-3748 – (Mobile Pwn2Own) Apple Safari shiftCount/splice Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-3748
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. Una condición de carrera en WebKit de Apple iOS antes de v6.0.1 y Safari antes de v6.0.2 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de la aplicación) a través de vectores relacionados con las matrices en JavaScript. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Array objects. When splicing a sparse array, the size of a sparse array is not properly validated. • https://www.exploit-db.com/exploits/28081 http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://archives.neohapsis.com/archives/bugtraq/2012-11/0013.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html http://secunia.com/advisories/51445 http://support.apple.com/kb/HT5567 http://support.apple.co • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 41EXPL: 0CVE-2012-3749
https://notcve.org/view.php?id=CVE-2012-3749
The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app. Las APIs de las extensiones del kernel en Apple iOS antes de v6.0.1 devuelve direcciones del kernel en las respuestas que contienen una clave OSBundleMachOHeaders, lo que hace que sea más fácil para los atacantes remotos evitar el mecanismo de protección ASLR través de una aplicación creada paar este fin. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://secunia.com/advisories/51445 http://support.apple.com/kb/HT5567 http://support.apple.com/kb/HT5598 http://www.securityfocus.com/bid/56361 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.6EPSS: 0%CPEs: 41EXPL: 0CVE-2012-3750
https://notcve.org/view.php?id=CVE-2012-3750
The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors. La implementación del bloqueo con Passcode en Apple iOS antes de v6.0.1 no gestiona adecuadamente el estado de bloqueo, lo que permite pasar por alto un requisito clave de acceso a atacantes físicamente próximos y acceder a las contraseñas del Passbook a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://support.apple.com/kb/HT5567 http://www.securityfocus.com/bid/56363 https://exchange.xforce.ibmcloud.com/vulnerabilities/79747 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3730
https://notcve.org/view.php?id=CVE-2012-3730
Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender. Mail en Apple iOS anterior a v6 no implementa adecuadamente la reutilización de los valores de cabecera Content-ID, lo que permite a atacantes remosos suplantar los adjuntos a través de un valor de cabecera que se usó en un correo previo, como se ha demostrado mediante un mensaje de un remitente distinto. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85626 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78717 •