CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1294
https://notcve.org/view.php?id=CVE-2014-1294
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacante remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292 y CVE-2014-1293. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1279 – Apple TV Touch Password Disclosure
https://notcve.org/view.php?id=CVE-2014-1279
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data. Apple TV anterior a 6.1 no restringe debidamente el registrado de logs, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de log. Apple TV had an issue where it was logging a user's Apple ID and password via debug output in logs. • http://support.apple.com/kb/HT6163 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 11%CPEs: 10EXPL: 0CVE-2014-1290 – Apple Mobile Safari isindex Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1290
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, un vulnerabilidad diferente a CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293 y CVE-2014-1294. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of isindex elements. The issue lies in setting attributes to invalid values. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1289
https://notcve.org/view.php?id=CVE-2014-1289
WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294. WebKit, utilizado en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293 y CVE-2014-1294. • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://support.apple.com/kb/HT6537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 1CVE-2014-1287 – iOS 7 - Kernel Mode Memory Corruption
https://notcve.org/view.php?id=CVE-2014-1287
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages. USB Host en Apple iOS anterior a 7.1 y Apple TV anterior a 6.1 permite a atacantes físicamente próximos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de mensajes USB manipulados. iOS 7 suffered from an arbitrary code execution vulnerability in kernel mode. • https://www.exploit-db.com/exploits/32333 http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •