CVE-2014-1292
https://notcve.org/view.php?id=CVE-2014-1292
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293 y CVE-2014-1294. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1294
https://notcve.org/view.php?id=CVE-2014-1294
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292 y CVE-2014-1293. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1279 – Apple TV Touch Password Disclosure
https://notcve.org/view.php?id=CVE-2014-1279
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. Apple TV anterior a 6.1 no restringe debidamente el registrado de logs, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de log. Apple TV had an issue where it was logging a user's Apple ID and password via debug output in logs. • http://support.apple.com/kb/HT6163 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-1290 – Apple Mobile Safari isindex Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1290
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, un vulnerabilidad diferente a CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293 y CVE-2014-1294. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of isindex elements. The issue lies in setting attributes to invalid values. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1289
https://notcve.org/view.php?id=CVE-2014-1289
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293 y CVE-2014-1294. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •