Page 3 of 35 results (0.013 seconds)

CVSS: 1.9EPSS: 0%CPEs: 22EXPL: 0

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. Condición de carrera en Passcode Lock en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch permite a atacantes físicamente próximos eludir los requerimientos de contraseña establecidos y asociar un dispositivo bloqueado con una computadora y acceder a datos de su elección, a través de vectores relacionados con el arranque inicial. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/41016 https://exchange.xforce.ibmcloud.com/vulnerabilities/59637 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 10.0EPSS: 93%CPEs: 108EXPL: 1

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. Una vulnerabilidad de uso de memoria previamente liberada en WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, Safari anterior a versión 4.1 sobre Mac OS X versión 10.4, y Safari en iPhone OS de Apple, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación), o leer la base de datos SMS u otros datos, por medio de vectores relacionados con "attribute manipulation", como es demostrado por Vincenzo Iozzo y Ralf Philipp Weinmann durante una competición Pwn2Own en CanSecWest 2010. This vulnerability allows remote attackers to execute remote code on vulnerable installations of Apple Webkit. User interaction is required in that a target must be coerced into visiting a malicious page. The specific flaw exists within Webkit's process for destructing attribute objects via the removeChild method. If an attribute's child object is accessed after the attribute was removed from the document, an invalid pointer is referenced. • https://www.exploit-db.com/exploits/16974 http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://news.cnet.com/8301-27080_3-20001126-245.html http://secunia.com/advisories/40105 http://secunia.com/advisories/40196 http://securityreason.com/securityalert • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 89%CPEs: 54EXPL: 5

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences. Vulnerabilidad de consumo en la pila en la función WebCore:: CSSSelector en WebKit, utilizado en Apple Safari v4.0.4, Apple Safari en iPhone OS y iPhone OS para iPod touch, y Google Chrome v4.0.249, permite a tacantes remotos provocar una denegación de servicio(caída de aplicación) o posiblemente ejecutar código de su elección a través de un elemento STYLE compuesto de un número largo de secuencias *> • https://www.exploit-db.com/exploits/11574 https://www.exploit-db.com/exploits/11567 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/11567 http://www.exploit-db.com/exploits/11574 http://www.securityfocus.com/bid/38398 http://www.vupen.com/english/advisories/2011/0212 https://exchange.xforce.ibmcloud.com/vulnerabilities/56524 https://exchange.xforce.ibmcloud.com/vulnerabilities/56527 https • CWE-399: Resource Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 50EXPL: 0

Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption. El modo de recuperación en Apple iPhone OS desde v1.0 hasta v3.1.2, y iPhone OS para iPod touch desde v1.1 hasta v3.1.2, permite a atacantes físicamente próximos evitar el bloqueo del dispositivo, y leer o modificar datos de forma arbitraria, a través del mensaje de control de USB que inicia una corrupción de memoria. • http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://osvdb.org/62128 http://support.apple.com/kb/HT4013 http://www.securityfocus.com/bid/38040 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 48EXPL: 0

iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. iPhone Mail en Apple iPhone OS, y en iPhone OS para iPod touch, no valida los certificados X.509, permitiendo a atacantes hombre-en-el-medio (man-in-the-middle) suplantar servidores de e-mail SSL de su elección mediante un certificado manipulado. • http://www.securityfocus.com/archive/1/506428/100/0/threaded http://www.securityfocus.com/bid/36370 https://exchange.xforce.ibmcloud.com/vulnerabilities/53234 • CWE-310: Cryptographic Issues •