CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1294 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1294
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.3EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1272 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1272
11 Mar 2014 — CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink. CrashHouseKeeping en Crash Reporting en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a usuarios locales cambiar permisos de archivo arbitrarios mediante el aprovechamiento de un symlink. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities. • http://support.apple.com/kb/HT6162 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1280 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1280
11 Mar 2014 — Video Driver in Apple iOS before 7.1 and Apple TV before 6.1 allows remote attackers to cause a denial of service (NULL pointer dereference and device hang) via a crafted video file with MPEG-4 encoding. Video Driver en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes remotos causar una denegación de servicio (deferencia de puntero nulo y cuelgue de dispositivo) a través de un archivo de vídeo manipulado con codificación MPEG-4. Apple TV 6.1 is now available and addresses information d... • http://support.apple.com/kb/HT6162 •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1291 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1291
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1278 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1278
11 Mar 2014 — The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call. La función ptmx_get_ioctl en el kernel de ARM en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a usuarios locales ganar privilegios o causar una denegación de servicio (acceso a memoria fuera de rango y caída de dispositivo) a través de una llamada manipulada. Apple TV 6... • http://support.apple.com/kb/HT6162 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1273 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1273
11 Mar 2014 — dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library. dyld en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes evadir requisitos de la firma de código mediante el aprovechamiento del uso de instrucciones de relocalización de texto en un libraría dinámica. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, an... • http://support.apple.com/kb/HT6162 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1289 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1289
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caí... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2014-1279 – Apple TV Touch Password Disclosure
https://notcve.org/view.php?id=CVE-2014-1279
11 Mar 2014 — Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. Apple TV anterior a 6.1 no restringe debidamente el registrado de logs, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de log. Apple TV 6.1 is now available and addresses information disclosure, date checking failure, buffer overflow, and various other vulnerabilities. • https://packetstorm.news/files/id/125657 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1267 – Apple Security Advisory 2014-03-10-2
https://notcve.org/view.php?id=CVE-2014-1267
11 Mar 2014 — The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed. El componente de perfiles de configuración en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 no evalúa debidamente la fecha de caducidad de un perfil de configuración móvil, lo que permite a atacantes remotos evadir restricciones de ... • http://support.apple.com/kb/HT6162 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1293 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2014-1293
11 Mar 2014 — WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caíd... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •