CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2014-1279 – Apple TV Touch Password Disclosure
https://notcve.org/view.php?id=CVE-2014-1279
11 Mar 2014 — Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. Apple TV anterior a 6.1 no restringe debidamente el registrado de logs, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de log. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities. • https://packetstorm.news/files/id/125657 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1292 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1292
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1293 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1293
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1267 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1267
11 Mar 2014 — The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. El componente de perfiles de configuración en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 no evalúa debidamente la fecha de caducidad de un perfil de configuración móvil, lo que permite a atacantes remotos evadir restricciones de ... • http://support.apple.com/kb/HT6162 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1271 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1271
11 Mar 2014 — CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app. CoreCapture en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 no valida debidamente llamadas de IOKit API, lo que permite a atacantes causar una denegación de servicio (fallo de aserción y caída de dispositivo) a través de una aplicación manipulada. Apple TV 6.1 is now available and addresses in... • http://support.apple.com/kb/HT6162 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1273 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1273
11 Mar 2014 — dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library. dyld en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes evadir requisitos de la firma de código mediante el aprovechamiento del uso de instrucciones de relocalización de texto en un libraría dinámica. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, an... • http://support.apple.com/kb/HT6162 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1275 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1275
11 Mar 2014 — Buffer overflow in ImageIO in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. Desbordamiento de buffer en ImageIO en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de datos JPEG2000 manipulados en un documento PDF. Apple TV 6.1 is now available ... • http://support.apple.com/kb/HT6162 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1280 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1280
11 Mar 2014 — Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. Video Driver en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes remotos causar una denegación de servicio (deferencia de puntero nulo y cuelgue de dispositivo) a través de un archivo de vídeo manipulado con codificación MPEG-4. Apple TV 6.1 is now available and addresses information d... • http://support.apple.com/kb/HT6162 •
CVSS: 5.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1282 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1282
11 Mar 2014 — The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name. El componente Profiles en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes evadir requisitos de visibilidad de perfil de configuración a través de un nombre largo. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities. • http://support.apple.com/kb/HT6162 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 6%CPEs: 10EXPL: 0CVE-2014-1290 – Apple Mobile Safari isindex Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1290
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caí... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •