Page 9 of 158 results (0.008 seconds)

CVSS: 6.1EPSS: 3%CPEs: 50EXPL: 0

The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. La implementación de IPv6 en el núcleo de Apple iOS anterior a 7 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de paquetes ICMPv6 manipulados. • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html http://osvdb.org/97438 http://secunia.com/advisories/54886 http://support& • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 2%CPEs: 53EXPL: 0

Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. Desbordamiento de búfer en CoreGraphics en Apple Mac OS X anterior a 10.8.5, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de aplicación) a través de datos JBIG2 manipulados en un documento PDF. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5880 http://support.apple.com/kb/HT5934 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 53EXPL: 0

Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. Vulnerabildad de desbordamiento de búfer en ImageIO de Apple Mac OS X permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (caida de aplicación) a través de datos JPEG2000 en un documento PDF • http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5880 http://support.apple.com/kb/HT5934 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 53EXPL: 0

The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate. La implementación IPSec en Apple Mac OS X anteriores a 10.8.5, cuando es empleada la Autentificación Híbrida, no verifica certificados X.509 desde pasarelas de seguridad, lo que permite a atacantes man-in-the-middle falsear pasarelas de seguridad y obtener información sensible a través de certificados manipulados. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5880 http://support.apple.com/kb/HT5934 • CWE-20: Improper Input Validation •

CVSS: 5.8EPSS: 1%CPEs: 42EXPL: 0

The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases. El método generateDefaultPassword en WifiPasswordController en las preferencias de iOS 6 y anteriores depende del método UITextChecker suggestWordInLanguage para la selección de puntos de acceso Wi-Fi con WPA2 PSK, lo que facilita a atacantes remotos el acceso a través de ataques de fuerza bruta que aprovecha el número limitado de posibles contraseñas (passphrases) a generar. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.owasp.org/pipermail/owasp-mobile-security-project/2013-June/000640.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://www.securitytracker.com/id/1029054 http://www1.cs.fau.de/filepool/projects/hotspot/hotspot.pdf http://www1.cs.fau.de/hotspot • CWE-255: Credentials Management Errors •