Page 6 of 31 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

CVE-2008-4227

https://notcve.org/view.php?id=CVE-2008-4227

Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. El sistema operativo Apple iPhone desde la v1.0 hasta la v2.1 y el sistema operativo iPhone para el iPod Touch desde la v1.0 hasta la v2.1 cambian el nivel de cifrado de las conexiones VPN PPTP a un nivel mas bajo del que fue usado previamente, lo cual facilita a atacantes remotos obtener información sensible o secuestras una conexión mediante el descifrado del trafico de red. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://osvdb.org/50024 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/32394 http://www.securitytracker.com/id?1021269 http://www.vupen.com/english/advisories/2008/3232 • CWE-310: Cryptographic Issues •

CVSS: 2.6EPSS: 2%CPEs: 16EXPL: 0

CVE-2008-4233

https://notcve.org/view.php?id=CVE-2008-4233

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. Safari en Apple iPhone OS v1.0 hasta v2.1 e iPhone OS para iPod touch v1.1 hasta v2.1; no aísla el diálogo de aceptar llamadas (call-approval) del proceso de lanzamiento de nuevas aplicaciones, esto permite a atacantes remotos realizar llamadas de teléfono de su elección a través de un documento HTML manipulado. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://osvdb.org/50030 http://secunia.com/advisories/32756 http://securitytracker.com/id?1021264 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/32394 http://www.vupen.com/english/advisories/2008/3232 •

CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0

CVE-2008-4232

https://notcve.org/view.php?id=CVE-2008-4232

Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. Safari en Apple iPhone OS 2.0 hasta 2.1 y iPhone OS para iPod touch 2.1 no restringe mostrar contenidos IFRAME para los límites del IFRAME, el cual permite a los atacantes remotos espiar una interfaz de usuario a través de documentos HTML manipulados. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://osvdb.org/50029 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/32394 http://www.securitytracker.com/id?1021272 http://www.vupen.com/english/advisories/2008/3232 •

CVSS: 9.3EPSS: 7%CPEs: 16EXPL: 0

CVE-2008-4231

https://notcve.org/view.php?id=CVE-2008-4231

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Safari en Apple iPhone OS v1.0 hasta v2.1 e iPhone OS para iPod touch v1.1 hasta v2.1 no maneja adecuadamente los elementos HTML TABLE, esto permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un documento HTML manipulado. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://osvdb.org/50028 http://secunia.com/advisories/32756 http://secunia.com/advisories/35379 http://support.apple.com/kb/HT3318 http://support.apple.com/kb/HT3613 http://www.fortiguardcenter.com/advisory/FGA-2009-23.html http://www.securityfocus.com/archive/1/504211/100/0/threaded http://www.securityfocus.com/bid/32394 http:& • CWE-399: Resource Management Errors •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2008-3631

https://notcve.org/view.php?id=CVE-2008-3631

Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application. El Sandbox de Aplicaciones en iPod touch versión 2.0 hasta 2.0.2, y iPhone versión 2.0 hasta 2.0.2 de Apple , no aísla apropiadamente las aplicaciones de terceros, lo que permite a los atacantes leer archivos arbitrarios en una sandbox de aplicación de terceros por medio de una aplicación de terceros diferente. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html http://secunia.com/advisories/31823 http://secunia.com/advisories/31900 http://support.apple.com/kb/HT3026 http://support.apple.com/kb/HT3129 http://www.securityfocus.com/bid/31092 http://www.securitytracker.com/id?1020846 http://www.vupen.com/english/advisories/2008/2525 http://www.vupen.com/english/advisories/2008/2558 • CWE-264: Permissions, Privileges, and Access Controls •