CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7133
https://notcve.org/view.php?id=CVE-2017-7133
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100892 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7118
https://notcve.org/view.php?id=CVE-2017-7118
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100892 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7088
https://notcve.org/view.php?id=CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100892 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-275: Permission Issues •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-7085
https://notcve.org/view.php?id=CVE-2017-7085
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100895 http://www.securitytracker.com/id/1039384 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 https://support.apple.com/HT208116 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2017-8248
https://notcve.org/view.php?id=CVE-2017-8248
A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. Podría ocurrir un desbordamiento de búfer al procesar un mensaje NAS descendiente en Qualcomm Telephony tal y como se emplea en Apple iPhone 5 y siguientes, iPad 4th generation y siguientes, y iPod touch 6th generation. • http://seclists.org/fulldisclosure/2017/Jul/34 http://www.securityfocus.com/bid/106128 http://www.securityfocus.com/bid/99891 http://www.securitytracker.com/id/1038950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •