CVE-2011-0228
https://notcve.org/view.php?id=CVE-2011-0228
The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain. El componente Data Security de Apple iOS antes de v4.2.10 y v4.3.x antes de v4.3.5 no comprueba el parámetro basicConstraints durante la validación de cadenas de certificados X.509, lo que permite a atacantes man-in-the-middle, falsificar un servidor SSL mediante un certificado no-CA y firmar un certificado para un dominio de su elección. • http://lists.apple.com/archives/security-announce/2011//Jul/msg00004.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00005.html http://secunia.com/advisories/45369 http://securityreason.com/securityalert/8361 http://securitytracker.com/id?1025837 http://support.apple.com/kb/HT4824 http://support.apple.com/kb/HT4825 http://www.securityfocus.com/archive/1/518982/100/0/threaded http://www.securityfocus.com/bid/48877 https://www.trustwave.com/spiderlabs/advisor • CWE-20: Improper Input Validation •
CVE-2011-0226 – freetype: postscript type1 font parsing vulnerability
https://notcve.org/view.php?id=CVE-2011-0226
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. Error de entero sin signo en psaux/t1decode.c en FreeType anterior a v2.4.6, es usado enCoreGraphics en Apple iOS anterior a v4.2.9 y v4.3.x anterior a v4.3.4 y otros productos, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria o caída de la aplicación) a través de una fuente manipulada Type 1 en un documento PDF, como se explotó en Julio 2011. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html http://lists.nongnu.org/archive/html/f • CWE-189: Numeric Errors •
CVE-2011-0227
https://notcve.org/view.php?id=CVE-2011-0227
The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application. Las funciones primitivas de gestión de cola de IOMobileFrameBuffer en Apple iOS anteriores a 4.2.9 y 4.3.x anteriores a 4.3.4 no realizan adecuadamente la conversión de tipos, lo que permite a usuarios locales obtener privilegios a través de una aplicación modificada. • http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html http://support.apple.com/kb/HT4802 http://support.apple.com/kb/HT4803 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-0158
https://notcve.org/view.php?id=CVE-2011-0158
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through URL handlers, which allows remote attackers to cause a denial of service (persistent application crash) via crafted JavaScript code. MobileSafari en Apple iOS antes de v4.3 no implementa adecuadamente la aplicación de lanzamiento a través de controladores de URL, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación persistente) a través de código JavaScript malicioso. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://support.apple.com/kb/HT4564 http://www.securityfocus.com/bid/46806 http://www.securitytracker.com/id?1025182 https://exchange.xforce.ibmcloud.com/vulnerabilities/66002 • CWE-20: Improper Input Validation •
CVE-2011-0162
https://notcve.org/view.php?id=CVE-2011-0162
Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspecified traffic on the local wireless network. Wi-Fi de Apple iOS antes de v4.3 y Apple TV antes de v4.2 no lleva a cabo todas comprobación de límites para los marcos de Wi-Fi, lo que permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de tráfico sin especificar en la red inalámbrica local. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html http://support.apple.com/kb/HT4564 http://support.apple.com/kb/HT4565 http://www.securityfocus.com/bid/46813 http://www.securitytracker.com/id?1025182 https://exchange.xforce.ibmcloud.com/vulnerabilities/65998 • CWE-20: Improper Input Validation •