CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1817
https://notcve.org/view.php?id=CVE-2010-1817
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. Desbordamiento de búfer en ImageIO en Apple iOS anterior a v4,1 en el iPhone e iPod touch permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un archivo GIF manipulado. • http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://support.apple.com/kb/HT4334 https://exchange.xforce.ibmcloud.com/vulnerabilities/61697 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 81%CPEs: 3EXPL: 1CVE-2010-1813 – Webkit (Apple Safari < 4.1.2/5.0.2 / Google Chrome < 5.0.375.125) - Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1813
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. WebKit de Apple OI anterior a v4.1 en el iPhone e iPod touch permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores que comprenden HTML object outlines. Webkit on Apple Safari versions prior to 4.1.2 and 5.0.2 and Google Chrome versions prior to 5.0.375.125 suffers from a memory corruption vulnerability. • https://www.exploit-db.com/exploits/14967 http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4334 http://support.apple.com/kb/HT445 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 90%CPEs: 7EXPL: 0CVE-2010-1814 – webkit: memory corruption flaw when handling form menus
https://notcve.org/view.php?id=CVE-2010-1814
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. WebKit en Apple OI anterior a v4.1 en el iPhone y el iPod touch permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores que implican form menus. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 85%CPEs: 7EXPL: 0CVE-2010-1815 – webkit: use-after-free flaw when handling scrollbars
https://notcve.org/view.php?id=CVE-2010-1815
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Vulnerabilidad de uso después de la liberación en WebKit en Apple iOS anterior a v4.1 en iPhone e iPod touch, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) mediante vectores que comprenden las barras de desplazamiento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1809
https://notcve.org/view.php?id=CVE-2010-1809
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. El componente Accessibility en Apple iOS anterior a v4.1 en el iPhone e iPod touch no lleva a cabo el esperado anuncio de VoiceOver asociado con el icono de ubicación de servicios, que tiene un impacto y unos vectores de ataque no especificados. • http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://support.apple.com/kb/HT4334 https://exchange.xforce.ibmcloud.com/vulnerabilities/61694 •