CVSS: 5.0EPSS: 2%CPEs: 33EXPL: 3CVE-2009-0961 – Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass
https://notcve.org/view.php?id=CVE-2009-0961
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert. El componente Mail en Apple iPhone OS v1.0 hasta v2.2.1 e iPhone OS para iPod touch v1.1 hasta v2.2.1 descarta el dialogo de aprobación de llamada cuando aparece otra alerta, pudiendo permitir a atacantes remotos forzar al iPhone hacer una llamada sin la aprobación del usuario al causar que una aplicación dispare una alerta. • https://www.exploit-db.com/exploits/33044 https://www.exploit-db.com/exploits/33045 https://www.exploit-db.com/exploits/33046 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://osvdb.org/55238 http://support.apple.com/kb/HT3639 http://www.securityfocus.com/bid/35414 http://www.vupen.com/english/advisories/2009/1621 https://exchange.xforce.ibmcloud.com/vulnerabilities/51210 •
CVSS: 7.1EPSS: 3%CPEs: 34EXPL: 1CVE-2009-1692 – ECMAScript Denial Of Service
https://notcve.org/view.php?id=CVE-2009-1692
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. WebKit en Apple iPhone OS v1.0 hasta v2.2.1 e iPhone OS para iPod touch v1.1 hasta v2.2.1 permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) mediante una página web conteniendo un objeto HTMLSelectElement con un atributo "length" grande. ECMAScript in IE5, IE6, IE7, IE8, Netscape, Firefox, Safari, Opera, Konqueror, Seamonkey, Wii, PS3, iPhone, iPod, Nokia, Siemens and various other browsers allows for a denial of service condition. • http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#121 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/55242 http://secunia.com/advisories/36977 http://secunia.com/advisories/37746 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3639 http://www.debian.org/security/2009/dsa-1950 http://www.g-sec. • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 48EXPL: 1CVE-2009-1702
https://notcve.org/view.php?id=CVE-2009-1702
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en WebKit en Apple Safari anteriores a v4.0 permite a atacantes remotos inyectar secuencias de comandos web i HTML a traves de vctores relacionados con la gestion inadecuada de los objetos "Location" y "History". • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/54993 http://secunia.com/advisories/35379 http://secunia.com/advisories/43068 http://securitytracker.com/id?1022344 http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 http://www.securityfocus.com/bid/35260 http://www.sec • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 48EXPL: 1CVE-2009-1700
https://notcve.org/view.php?id=CVE-2009-1700
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document. La implementación XSLT en WebKit en Apple Safari anteriores a 4.0 no trata apropiadamente las redirecciones, lo que permite a los atacantes remotos leer contenido XML desde páginas web arbitrarias a través de documentos manipudados. • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/54973 http://secunia.com/advisories/35379 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 http://www.securityfocus.com/bid/35260 http://www.vupen.com/english/advisories/2009/1522 http& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 3%CPEs: 62EXPL: 1CVE-2009-1698 – Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1698
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0 no inicializa un puntero durante el proceso de llamada de función attr Cascading Style Sheets (CSS) con un argumento numérico largo, lo que permite a los atacantes remotos ejecutar arbitrariamente código o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de documentos HTML manipulados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of attr() functions in a CSS content object. When a large numerical value is passed as the argument to the attr() function, a memory corruption will occur which can be leveraged to execute arbitrary coder under the context of the current user. • http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/55006 http://secunia.com/advisories/35379 http://secunia.com/advisories/35588 http://secunia.com/advisories/36057 http://secunia.com/advisories/36062 http://secunia.com/advisories • CWE-94: Improper Control of Generation of Code ('Code Injection') •