| Max CVSS | 9.3 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-1067 | 4.3 |
Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via c
|
08-03-2019 - 16:06 | 11-03-2015 - 01:59 | |
| CVE-2015-1061 | 9.3 |
IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.
|
08-03-2019 - 16:06 | 12-03-2015 - 10:59 | |
| CVE-2015-1062 | 5.0 |
MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app.
|
08-03-2019 - 16:06 | 12-03-2015 - 10:59 | |
| CVE-2015-1065 | 5.4 |
Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery.
|
08-12-2016 - 03:07 | 12-03-2015 - 10:59 | |
| CVE-2015-1063 | 7.8 |
CoreTelephony in Apple iOS before 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a Class 0 SMS message. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Derefer
|
11-09-2015 - 15:49 | 12-03-2015 - 10:59 | |
| CVE-2015-1064 | 1.9 |
Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process.
|
11-09-2015 - 15:48 | 12-03-2015 - 10:59 |