CVSS: 1.9EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3729
https://notcve.org/view.php?id=CVE-2012-3729
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface. El interprete BPF (Berkeley Packet Filter) en el kernel de Apple iOS anterior a v6 acceder a regiones de memoria sin inicializar, lo que permite a usuarios locales obtener información sensible acerca de la memoria del kernel a través de un programa manipulado que utiliza la interfaz BPF. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85627 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78724 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3735
https://notcve.org/view.php?id=CVE-2012-3735
The Passcode Lock implementation in Apple iOS before 6 does not properly interact with the "Slide to Power Off" feature, which allows physically proximate attackers to see the most recently used third-party app by watching the device's screen. La implementación Passcode Lock en Apple iOS anterior a la v6 no interactua adecuadamente con la característica "Silide to power off", lo que permite a atacantes físicos visualizar las aplicaciones recientes a través de la visualizacion de la pantalla del dispositivo. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85640 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78683 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3737
https://notcve.org/view.php?id=CVE-2012-3737
The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, which allows physically proximate attackers to view arbitrary stored photos by spoofing a time value. La implementación Passcode Lock en Apple iOS anterior a la v6, no restringe adecuadamente la visualización de fotos, lo que permite a atacantes físicos ver el contenido de las fotos mediante la suplantación de un valor relativo a la fecha. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85634 http://support.apple.com/kb/HT5503 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 1%CPEs: 40EXPL: 0CVE-2012-3747
https://notcve.org/view.php?id=CVE-2012-3747
WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. WebKit, tal y como se utiliza en Apple iOS antes de v6 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria y caída de la aplicación) a través de un sitio web diseñado para tal fin. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85631 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78725 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 40EXPL: 0CVE-2012-3742
https://notcve.org/view.php?id=CVE-2012-3742
Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page. El navegador Safari en Apple iOS antes de la v6 no restringe correctamente el uso de un carácter Unicode no especificado, el cual tiene un aspecto similar al indicador de bloqueo de https, lo que permite a atacantes remotos falsificar conexiones https mediante la colocación de este carácter en el título de una página web. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/85632 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78708 • CWE-264: Permissions, Privileges, and Access Controls •