CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score >= 9)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complex ity Authen tication Confiden tiality Integrity Availa bility
1 CVE-2012-0671 94 DoS Exec Code Mem. Corr. 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.
2 CVE-2012-0670 189 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file.
3 CVE-2012-0669 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
4 CVE-2012-0668 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding.
5 CVE-2012-0667 189 DoS Exec Code 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.
6 CVE-2012-0666 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.
7 CVE-2012-0665 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
8 CVE-2012-0664 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file.
9 CVE-2012-0663 119 DoS Exec Code Overflow 2012-05-16 2012-05-17
9.3
 None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
10 CVE-2012-0646 134 Exec Code 2012-03-08 2012-03-09
9.3
 None Remote Medium Not required Complete Complete Complete
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
11 CVE-2012-0643 264 Exec Code Bypass 2012-03-08 2012-03-09
9.3
 None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.
12 CVE-2012-0642 189 DoS Exec Code 2012-03-08 2012-05-11
9.3
 None Remote Medium Not required Complete Complete Complete
Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.
13 CVE-2012-0635 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
14 CVE-2012-0633 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
15 CVE-2012-0632 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
16 CVE-2012-0631 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
17 CVE-2012-0630 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
18 CVE-2012-0629 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
19 CVE-2012-0628 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
20 CVE-2012-0627 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
21 CVE-2012-0626 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
22 CVE-2012-0625 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
23 CVE-2012-0624 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
24 CVE-2012-0623 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
25 CVE-2012-0622 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
26 CVE-2012-0621 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
27 CVE-2012-0620 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
28 CVE-2012-0619 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
29 CVE-2012-0618 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
30 CVE-2012-0617 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
31 CVE-2012-0616 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
32 CVE-2012-0615 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
33 CVE-2012-0614 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
34 CVE-2012-0613 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
35 CVE-2012-0612 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
36 CVE-2012-0611 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
37 CVE-2012-0610 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
38 CVE-2012-0609 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
39 CVE-2012-0607 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
40 CVE-2012-0606 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
41 CVE-2012-0605 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
42 CVE-2012-0604 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
43 CVE-2012-0603 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
44 CVE-2012-0602 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
45 CVE-2012-0601 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
46 CVE-2012-0600 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
47 CVE-2012-0599 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
48 CVE-2012-0598 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
49 CVE-2012-0597 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
50 CVE-2012-0596 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2012-03-13
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
Total number of vulnerabilities : 419   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.