CVSS: 6.8EPSS: 2%CPEs: 48EXPL: 0CVE-2013-1044
https://notcve.org/view.php?id=CVE-2013-1044
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. WebKit, como se utiliza en Apple iOS anterior a 7, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a WebKit CVEs enumerados en APPLE-SA-2013-09-18-2. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.securitytracker.com/id/1029054 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5129
https://notcve.org/view.php?id=CVE-2013-5129
Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. Múltiples vulnerabilidades XSS en WebKit de Apple iOS anterior a la versión 7 permite a atacantes remotos asistidos por el usuario inyectar script web o HTML arbitrario a través de vectores que implican operaciones de (1) arrastrar y soltar o (2) copiar y pegar. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5141
https://notcve.org/view.php?id=CVE-2013-5141
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted application, related to an "integer truncation vulnerability." El kernel en Apple iOS (anteriores a v7) utiliza un tamaño de datos incorrecto para ciertas variables entero, lo que permite al atacante producir una denegación de servicio (bucle infinito y cuelgue de dispositivo) a través de una aplicación manipulada, relativa a una "vulnerabilidad de truncado de entero" • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 1%CPEs: 52EXPL: 0CVE-2013-1039
https://notcve.org/view.php?id=CVE-2013-1039
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. WebKit tal y como se usa en Apple iOS para versiones anteriores a 7, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado. Vulnerabilidad distinta a los CVEs publicados en APPLE-SA-2013-09-18-2. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.securitytracker.com/id/1029054 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 48EXPL: 0CVE-2013-1036
https://notcve.org/view.php?id=CVE-2013-1036
Safari in Apple iOS before 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. Safari en Apple iOS (anterior a v7) permite a atacantes remotos ejecutar código arbitrariamente o causar una denegación de servicio (corrupción de memoria) a través de un documento XML manipulado. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •