IDCVSSSummaryLast (major) updatePublished
CVE-2010-1387 9.3
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi
19-09-2017 - 01:30 18-06-2010 - 16:30
CVE-2008-2317 9.3
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the
11-10-2018 - 20:40 14-07-2008 - 18:41
CVE-2009-1692 7.1
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page conta
10-10-2018 - 19:37 19-06-2009 - 16:30
CVE-2008-4232 5.0
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.
08-03-2011 - 03:12 25-11-2008 - 23:30
CVE-2008-4233 2.6
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted
08-03-2011 - 03:12 25-11-2008 - 23:30
CVE-2008-4231 9.3
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati
11-10-2018 - 20:51 25-11-2008 - 23:30
CVE-2009-1698 9.3
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which a
10-10-2018 - 19:37 10-06-2009 - 18:00
CVE-2009-1701 9.3
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of
10-10-2018 - 19:38 10-06-2009 - 18:00
CVE-2009-1702 4.3
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper
30-03-2012 - 04:00 10-06-2009 - 18:00
CVE-2009-1700 4.3
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages v
30-03-2012 - 04:00 10-06-2009 - 18:00
CVE-2009-2199 5.8
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishi
30-03-2012 - 04:00 12-08-2009 - 19:30
CVE-2009-1699 7.1
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files
29-09-2017 - 01:34 10-06-2009 - 18:00
CVE-2009-1725 9.3
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character
29-09-2017 - 01:34 09-07-2009 - 17:30
CVE-2011-1344 6.8
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding c
09-10-2018 - 19:30 10-03-2011 - 20:55
CVE-2009-1724 4.3
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors r
29-09-2017 - 01:34 09-07-2009 - 17:30
CVE-2012-2648 4.3
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use
10-08-2012 - 04:00 07-08-2012 - 19:55
CVE-2010-1812 6.8
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selectio
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-1815 6.8
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollba
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-1814 6.8
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-2973 6.9
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. Per: http://xforce.i
18-08-2010 - 05:50 05-08-2010 - 18:17
CVE-2009-0959 7.1
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue."
17-08-2017 - 01:30 19-06-2009 - 16:30
CVE-2009-0961 5.0
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user
17-08-2017 - 01:30 19-06-2009 - 16:30
CVE-2009-0958 4.3
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and a
17-08-2017 - 01:30 19-06-2009 - 16:30
CVE-2009-0960 4.3
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an
17-08-2017 - 01:30 19-06-2009 - 16:30
CVE-2010-1756 5.8
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. Pe
14-11-2018 - 17:13 22-06-2010 - 20:30
CVE-2010-1407 4.3
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML do
17-08-2017 - 01:32 22-06-2010 - 20:30
CVE-2010-1781 6.8
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
16-11-2018 - 16:29 09-09-2010 - 22:00
CVE-2009-1679 2.1
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows
17-08-2017 - 01:30 19-06-2009 - 16:30
CVE-2009-1683 7.8
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related
30-03-2012 - 04:00 19-06-2009 - 16:30
CVE-2009-1680 2.1
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search h
30-03-2012 - 04:00 19-06-2009 - 16:30
CVE-2010-1751 5.0
Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. Per: http://lists.apple.com/archives/security-ann
16-11-2018 - 16:38 22-06-2010 - 20:30
CVE-2008-1586 7.1
ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image.
08-03-2011 - 03:07 25-11-2008 - 23:30
CVE-2010-1775 1.9
Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involvi
17-08-2017 - 01:32 22-06-2010 - 20:30
CVE-2009-2206 6.8
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (applic
10-10-2018 - 19:39 10-09-2009 - 21:30
CVE-2010-1810 3.5
FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
17-08-2017 - 01:32 09-09-2010 - 22:00
CVE-2008-4227 7.5
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or
21-09-2011 - 02:58 25-11-2008 - 23:30
CVE-2008-4230 1.9
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by
08-03-2011 - 03:12 25-11-2008 - 23:30
CVE-2008-4229 3.7
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a back
08-03-2011 - 03:12 25-11-2008 - 23:30
CVE-2008-4228 3.6
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number.
08-03-2011 - 03:12 25-11-2008 - 23:30
CVE-2010-1755 4.3
Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. Per: http://lists.apple.com/archives/security-announce/2010
16-11-2018 - 16:38 22-06-2010 - 20:30
CVE-2010-1813 6.8
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-1809 10.0
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
16-11-2018 - 16:41 09-09-2010 - 22:00
CVE-2010-1757 6.4
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
16-11-2018 - 16:38 22-06-2010 - 20:30
CVE-2010-1811 6.8
ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-1753 6.8
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. Per: http://lists.apple.com/archives/securit
16-11-2018 - 16:39 22-06-2010 - 20:30
CVE-2010-1754 6.9
Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passc
16-11-2018 - 16:39 22-06-2010 - 20:30
CVE-2010-1752 6.8
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. Per: http://lists.appl
16-11-2018 - 16:39 22-06-2010 - 20:30
CVE-2010-1817 6.8
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
16-11-2018 - 16:40 09-09-2010 - 22:00
CVE-2010-1181 4.3
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element.
30-03-2012 - 04:00 29-03-2010 - 19:30
Back to Top Mark selected
Back to Top