CVSS: 6.8EPSS: 85%CPEs: 7EXPL: 0CVE-2010-1812 – webkit: use-after-free flaw in handling of selections
https://notcve.org/view.php?id=CVE-2010-1812
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. Vulnerabilidad de uso después de la liberación en WebKit en Apple iOS anterior a v4.1 en el iPhone e iPod touch, permite a atacantes remotos producir una denegación de servicio (caída de la aplicación) mediante vectores que comprenden selecciones. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb/HT4334 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 6.9EPSS: 0%CPEs: 13EXPL: 2CVE-2010-2973 – Apple iOS - '.pdf' Local Privilege Escalation 'Jailbreak'
https://notcve.org/view.php?id=CVE-2010-2973
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. Un desbordamiento de enteros en IOSurface en Apple iOS anterior a versión 4.0.2 en el iPhone y iPod touch, y anterior a versión 3.2.2 en la iPad, permite a los usuarios locales alcanzar privilegios por medio de vectores que involucran las propiedades de IOSurface, como es demostrado por JailbreakMe. • https://www.exploit-db.com/exploits/14538 http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html http://osvdb.org/66827 http://secunia.com/advisories/40807 http://support.apple.com/kb/HT4291 http://support.apple.com/kb/HT4292 http://www.exploit-db.com/exploits/14538 http://www.securityfocus.com/bid/42151 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2010-1752
https://notcve.org/view.php?id=CVE-2010-1752
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. Desbordamiento de búfer basado en pila en CFNetwork en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) mediante vectores relacionados con el manejo de URL. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://support.apple.com/kb/HT4225 http://support.apple.com/kb/HT4435 http://www.securityfocus.com/bid/41016 https://exchange.xforce.ibmcloud.com/vulnerabilities/59631 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1753
https://notcve.org/view.php?id=CVE-2010-1753
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. ImageIO en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) mediante una imagen JPEG manipulada. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/41016 https://exchange.xforce.ibmcloud.com/vulnerabilities/59632 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1756
https://notcve.org/view.php?id=CVE-2010-1756
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. La aplicación de Ajustes en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no notifica adecuadamente la red wireless que está en uso, lo que puede facilitar a atacantes remotos conducir a los usuarios a comunicarse a través de una red no deseada. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/41016 •