Page 5 of 58 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2010-1755

https://notcve.org/view.php?id=CVE-2010-1755

Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. Safari en Apple iOS en versiones anteriores a la 4 en el iPhone y iPod touch no implementa de manera adecuada la opción "Aceptar cookies", lo que facilita a los servidores web remotos rastrear a los usuarios a través de una cookie. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/41016 https://exchange.xforce.ibmcloud.com/vulnerabilities/59634 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 4%CPEs: 85EXPL: 0

CVE-2010-1387

https://notcve.org/view.php?id=CVE-2010-1387

Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. Vulnerabilidad no específicada en WebKit en Apple iTunes anteriores a v9.2 en Windows, tiene un impacto y vectores de ataque desconocidos, es una vulnerabilidad diferente a CVE-2010-1387 y CVE-2010-1769. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40196 http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://securitytracker.com/id?1024108 http:/ • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2010-1181

https://notcve.org/view.php?id=CVE-2010-1181

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. Safari en Apple iPhone OS v3.1.3 y en iPod touch permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código de su elección a través de una cadena larga en un elemento MARQUEE. • http://nishantdaspatnaik.yolasite.com/ipodpoc6.php • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 3%CPEs: 41EXPL: 1

CVE-2009-2206

https://notcve.org/view.php?id=CVE-2009-2206

Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. Múltiples desbordamientos de búfer en la región heap de la memoria en la biblioteca AudioCodecs en el componente CoreAudio en iPhone OS anterior a versión 3.1, y iPhone OS anterior a versión 3.1.1 para iPod touch, de Apple, permiten a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un archivo (1) AAC o (2) MP3 diseñado, como es demostrado mediante un tono de llamada con entradas malformadas en la tabla de tamaño de muestra. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://secunia.com/advisories/36677 http://support.apple.com/kb/HT3860 http://www.securityfocus.com/archive/1/506464/100/0/threaded http://www.securityfocus.com/bid/36338 http://www.securitytracker.com/id?1022869 http://www.trapkit.de/advisories/TKADV2009-007.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/53180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 74EXPL: 0

CVE-2009-2199

https://notcve.org/view.php?id=CVE-2009-2199

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs. Una vulnerabilidad de lista negra incompleta en WebKit en Safari de Apple anterior a versión 4.0.3, como es usado en iPhone OS anterior a versión 3.1, iPhone OS anterior a versión 3.1.1, para iPod touch y otras plataformas, permite a atacantes remotos falsificar nombres de dominio en URL y posiblemente conducir ataques de phishing, por medio de homoglifos no especificados. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/36677 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://support.apple.com/kb/HT3860 http://www.securityfocus.com/bid/36026 http://www.securitytracker.com/id?1022719 http://www.vupen.com/english/advisories&#x •