CVSS: 6.8EPSS: 3%CPEs: 48EXPL: 0CVE-2013-5128
https://notcve.org/view.php?id=CVE-2013-5128
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. WebKit tal como se usa en Apple iOS en versiones anteriores a 7, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caida de aplicación) a través de un sitio web manipulado. Vulnerabilidad distinta a los CVEs publicados en APPLE-SA-2013-09-18-2. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.securitytracker.com/id/1029054 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5139
https://notcve.org/view.php?id=CVE-2013-5139
The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds array access) via a crafted application. El driver IOSerialFamily de Apple iOS en versiones anteriores a 7 permite a atacantes ejecutar código arbitrario o causar denegación de servicio (acceso fuera de rango a array) a través de una aplicacion manipulada • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6150 http://www.securitytracker.com/id/1029054 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 1.9EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5150
https://notcve.org/view.php?id=CVE-2013-5150
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation. La funcionalidad para limpieza del historial en Safari en Apple iOS anterior 7 no limpia el histórico atrás/adelante en una pestaña abierta, lo que permite a atacantes físicamente próximos obtener información sensible mediante el aprovechamiento de una equipo de trabajo sin supervisión. • http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 https://support.apple.com/kb/HT6535 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 3%CPEs: 50EXPL: 0CVE-2011-2391
https://notcve.org/view.php?id=CVE-2011-2391
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. La implementación de IPv6 en el núcleo de Apple iOS anterior a 7 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de paquetes ICMPv6 manipulados. • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://osvdb.org/97438 http://secunia.com/advisories/54886 http://support& • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 48EXPL: 0CVE-2013-0957
https://notcve.org/view.php?id=CVE-2013-0957
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox. Protección de Datos en Apple iOS (anteriores a v7) permite a atacantes evitar los límites establecidos para la introducción incorrecta de contraseña, y consecuentemente evitar la configuración de Borrado de Datos, aprovechando la presencia de una aplicación en la sandbox de terceros. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 • CWE-264: Permissions, Privileges, and Access Controls •