CVSS: 6.8EPSS: 0%CPEs: 44EXPL: 0CVE-2013-0956
https://notcve.org/view.php?id=CVE-2013-0956
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. WebKit en Apple iOS anterior a v6.1, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado. Vulnerabilidad distinta de la listada por Apple APPLE-SA-2013-01-28-1. • http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html http://support.apple.com/kb/HT5642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.6EPSS: 0%CPEs: 31EXPL: 0CVE-2013-0964
https://notcve.org/view.php?id=CVE-2013-0964
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page. El kernel en Apple iOS anterior a v6.1 y Apple TV anterior a v5.2 no valida adecuadamente los argumentos de copia, lo que permite a usuarior locales evitar las restricciones de punteros y de acceso a memoria en la primera página del kernel-memory especificando que el tamaño sea menor al de una página. • http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html http://lists.apple.com/archives/security-announce/2013/Jan/msg00001.html http://osvdb.org/89659 http://support.apple.com/kb/HT5642 http://support.apple.com/kb/HT5643 http://www.securityfocus.com/bid/57595 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 4%CPEs: 226EXPL: 0CVE-2012-5134 – libxml2: Heap-buffer-underflow in xmlParseAttValueComplex
https://notcve.org/view.php?id=CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. Desbordamiento de búfer basado en memoria dinámica en la función xmlParseAttValueComplex en parser.c en libxml2 2.9.0 y anteriores, como las usadas en Google Chrome anteriores a 23.0.1271.91,permite a atacantes remotos causar una denegación de servicio (cuelgue) o ejecutar código a través de una entidad manipulada en un fichero XML. • http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2013- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 20%CPEs: 111EXPL: 1CVE-2012-3748 – (Mobile Pwn2Own) Apple Safari shiftCount/splice Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-3748
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. Una condición de carrera en WebKit de Apple iOS antes de v6.0.1 y Safari antes de v6.0.2 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de la aplicación) a través de vectores relacionados con las matrices en JavaScript. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Array objects. When splicing a sparse array, the size of a sparse array is not properly validated. • https://www.exploit-db.com/exploits/28081 http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://archives.neohapsis.com/archives/bugtraq/2012-11/0013.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html http://secunia.com/advisories/51445 http://support.apple.com/kb/HT5567 http://support.apple.co • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 41EXPL: 0CVE-2012-3749
https://notcve.org/view.php?id=CVE-2012-3749
The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app. Las APIs de las extensiones del kernel en Apple iOS antes de v6.0.1 devuelve direcciones del kernel en las respuestas que contienen una clave OSBundleMachOHeaders, lo que hace que sea más fácil para los atacantes remotos evitar el mecanismo de protección ASLR través de una aplicación creada paar este fin. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://secunia.com/advisories/51445 http://support.apple.com/kb/HT5567 http://support.apple.com/kb/HT5598 http://www.securityfocus.com/bid/56361 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •