CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2010-2808 – FreeType: Stack-based buffer overflow by processing certain LWFN fonts
https://notcve.org/view.php?id=CVE-2010-2808
19 Aug 2010 — Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. Desbordamiento de búfer en la función Mac_Read_POST_Resource en base/ftobjs.c de FreeType anterior a v2.4.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y fallo de la aplicación) o posibl... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 9.3EPSS: 46%CPEs: 65EXPL: 4CVE-2010-1797 – Apple iOS - '.pdf' Local Privilege Escalation 'Jailbreak'
https://notcve.org/view.php?id=CVE-2010-1797
16 Aug 2010 — Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party i... • https://www.exploit-db.com/exploits/14538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2010-2973 – Apple iOS - '.pdf' Local Privilege Escalation 'Jailbreak'
https://notcve.org/view.php?id=CVE-2010-2973
05 Aug 2010 — Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. Un desbordamiento de enteros en IOSurface en Apple iOS anterior a versión 4.0.2 en el iPhone y iPod touch, y anterior a versión 3.2.2 en la iPad, permite a los usuarios locales alcanzar privilegios por medio de vectores que involucran las propiedades de IOSurface, como es demostrad... • https://www.exploit-db.com/exploits/14538 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 2%CPEs: 24EXPL: 0CVE-2010-2249 – libpng: Memory leak when processing Physical Scale (sCAL) images
https://notcve.org/view.php?id=CVE-2010-2249
30 Jun 2010 — Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una imagen que contiene un troceado mal formado del Physical ... • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.8EPSS: 83%CPEs: 31EXPL: 4CVE-2010-1205 – libpng 1.4.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2010-1205
30 Jun 2010 — Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. ... • https://www.exploit-db.com/exploits/14422 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.7EPSS: 0%CPEs: 22EXPL: 0CVE-2010-1775
https://notcve.org/view.php?id=CVE-2010-1775
22 Jun 2010 — Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. Condición de carrera en Passcode Lock en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch permite a atacantes físicamente próximos eludir los requerimientos de contraseña establecidos y asociar un dispositivo bloqueado con ... • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 0CVE-2010-1407
https://notcve.org/view.php?id=CVE-2010-1407
22 Jun 2010 — WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document. WebKit en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no implementa de manera adecuada el método history.replaceState en ciertas situaciones relacionadas con elementos IFRAME, lo que permite a atacantes remotos obtener información ... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1751
https://notcve.org/view.php?id=CVE-2010-1751
22 Jun 2010 — Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. Application Sandbox en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no impide el acceso a la fototeca, lo que puede permitir a atacantes remotos obtener información de la ubicación mediante vectores no especificados. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1755
https://notcve.org/view.php?id=CVE-2010-1755
22 Jun 2010 — Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. Safari en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no implementa de manera adecuada la opción "Aceptar cookies", lo que facilita a los servidores web remotos rastrear a los usuarios a través de una cookie. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1756
https://notcve.org/view.php?id=CVE-2010-1756
22 Jun 2010 — The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. La aplicación de Ajustes en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no notifica adecuadamente la red wireless que está en uso, lo que puede facilitar a atacantes remotos conducir a los usuarios a comunicarse a través de una red no desead... • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html •