NotCVE - vendor:"Apple" product:"Iphone" version:"1.0"

Page 3 of 72 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5834

https://notcve.org/view.php?id=CVE-2015-5834

IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Vulnerabilidad en IOAcceleratorFamily en Apple iOS en versiones anteriores a 9, permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-5824

https://notcve.org/view.php?id=CVE-2015-5824

The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Vulnerabilidad en la implementación de NSURL en el componente CFNetwork SSL en Apple iOS en versiones anteriores a 9, no verifica adecuadamente los certificados X.509 de los servidores SSL después un cambio en el certificado, lo que permite a atacantes man-in-the-middle suplantar los servidores y obtener información sensible a través de un certificado manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-5841

https://notcve.org/view.php?id=CVE-2015-5841

The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. Vulnerabilidad en el componente CFNetwork Proxies en Apple iOS en versiones anteriores a 9, no maneja correctamente una cabecera Set-Cookie en una respuesta en una petición HTTP CONNECT, lo que permite a servidores proxy remotos realizar un ataque de cookie-injection a través de una respuesta manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205267 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-5867

https://notcve.org/view.php?id=CVE-2015-5867

IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Vulnerabilidad en IOHIDFamily en Apple iOS en versiones anteriores a 9, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76764 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0

CVE-2015-5874

https://notcve.org/view.php?id=CVE-2015-5874

CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. Vulnerabilidad en CoreText en Apple iOS en versiones anteriores a 9 y iTunes en versiones anteriores a 12.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de fuente manipulado. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://www.securityfocus.com/bid/76763 http://www.securitytracker.com/id/1033609 https://support.apple.com/HT205212 https://support.apple.com/HT205213 https://support.apple.com/HT205221 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1 2 3 4 5