CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-6114 189 1 DoS Overflow 2013-11-04 2014-01-13
5.0
None Remote Low Not required None None Partial
Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the subview attribute of a viewer element in a .motn file.
2 CVE-2012-3755 119 1 DoS Exec Code Overflow 2012-11-09 2013-11-02
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Targa image.
3 CVE-2011-0257 189 1 DoS Exec Code Overflow 2011-08-15 2013-11-02
9.3
None Remote Medium Not required Complete Complete Complete
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
4 CVE-2010-2973 264 1 Overflow +Priv 2010-08-05 2010-08-18
6.9
Admin Local Medium Not required Complete Complete Complete
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
5 CVE-2010-1797 119 1 DoS Exec Code Overflow Mem. Corr. 2010-08-16 2012-12-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.
6 CVE-2010-1226 20 1 DoS 2010-04-01 2010-04-02
5.0
None Remote Low Not required None None Partial
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue.
7 CVE-2010-1179 189 1 DoS Exec Code 2010-03-29 2010-03-30
9.3
None Remote Medium Not required Complete Complete Complete
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024.
8 CVE-2010-1176 94 1 DoS Exec Code 2010-03-29 2010-03-30
9.3
None Remote Medium Not required Complete Complete Complete
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075.
9 CVE-2010-1131 1 DoS 2010-03-27 2010-06-08
4.3
None Remote Medium Not required None None Partial
JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to cause a denial of service (application crash) via an HTML document composed of many successive occurrences of the <object> substring.
10 CVE-2010-1029 399 2 DoS Exec Code 2010-03-19 2012-01-26
5.0
None Remote Low Not required None None Partial
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.
11 CVE-2009-4186 119 1 DoS Overflow 2009-12-03 2009-12-04
9.3
None Remote Medium Not required Complete Complete Complete
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property.
12 CVE-2009-3272 399 1 DoS 2009-09-21 2011-02-17
5.0
None Remote Low Not required None None Partial
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.
13 CVE-2009-3271 20 1 DoS 2009-09-21 2009-09-22
4.3
None Remote Medium Not required None None Partial
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
14 CVE-2009-1699 200 1 +Info 2009-06-10 2012-03-30
7.1
None Remote Medium Not required Complete None None
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."
15 CVE-2009-1692 399 1 DoS 2009-06-19 2012-03-30
7.1
None Remote Medium Not required None None Complete
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.
16 CVE-2009-1238 362 1 DoS Mem. Corr. 2009-04-02 2009-04-18
7.2
None Local Low Not required Complete Complete Complete
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
17 CVE-2009-1237 399 2 DoS 2009-04-02 2009-04-18
4.9
None Local Low Not required None None Complete
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
18 CVE-2009-1236 119 1 DoS Overflow 2009-04-02 2009-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
19 CVE-2009-1235 264 1 +Priv 2009-04-02 2009-08-13
7.2
None Local Low Not required Complete Complete Complete
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
20 CVE-2009-1233 20 1 DoS 2009-04-02 2010-08-21
4.3
None Remote Medium Not required None None Partial
Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements.
21 CVE-2009-0950 119 2 DoS Exec Code Overflow 2009-06-02 2013-11-02
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
22 CVE-2009-0070 189 1 DoS 2009-01-08 2009-01-29
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307.
23 CVE-2009-0010 189 1 DoS Exec Code Overflow 2009-05-13 2009-06-04
9.3
None Remote Medium Not required Complete Complete Complete
Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0x77 Poly tag and a crafted length field, which triggers a heap-based buffer overflow.
24 CVE-2008-5821 399 1 DoS 2009-01-02 2009-01-10
5.0
None Remote Low Not required None None Partial
Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.
25 CVE-2008-5406 119 1 DoS Exec Code Overflow 2008-12-10 2009-01-29
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."
26 CVE-2008-5377 59 1 2008-12-08 2009-01-06
6.9
Admin Local Medium Not required Complete Complete Complete
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
27 CVE-2008-5183 399 1 DoS 2008-11-20 2011-03-17
4.3
None Remote Medium Not required None None Partial
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.
28 CVE-2008-4116 119 1 DoS Exec Code Overflow 2008-09-18 2011-01-06
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.
29 CVE-2008-2304 119 1 DoS Exec Code Overflow 2008-07-14 2009-01-29
6.8
User Remote Medium Not required Partial Partial Partial
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.
30 CVE-2008-0830 20 1 DoS 2008-02-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
31 CVE-2008-0778 119 1 DoS Exec Code Overflow 2008-02-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.
32 CVE-2008-0729 399 1 DoS 2008-02-12 2008-11-15
7.1
None Remote Medium Not required None None Complete
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
33 CVE-2008-0234 119 2 Exec Code Overflow 2008-01-10 2011-08-04
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message.
34 CVE-2007-6276 189 1 DoS 2007-12-07 2011-07-18
7.8
None Remote Low Not required None None Complete
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
35 CVE-2007-6166 119 2 Exec Code Overflow 2007-11-28 2011-08-04
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
36 CVE-2007-5450 119 1 DoS Overflow 2007-10-14 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
37 CVE-2007-3876 119 1 Exec Code Overflow 2007-12-19 2008-09-05
6.6
None Local Low Not required Complete Complete None
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
38 CVE-2007-0236 119 1 DoS Exec Code Overflow 2007-01-16 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow.
39 CVE-2002-0252 1 Exec Code Overflow 2002-05-29 2009-08-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.
40 CVE-2001-0198 1 Exec Code Overflow 2001-05-03 2013-04-04
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag.
Total number of vulnerabilities : 40   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.