CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (Bypass)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-2234 20 Bypass 2014-03-05 2014-03-05
6.4
None Remote Low Not required Partial Partial None
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application.
2 CVE-2014-2019 264 Bypass 2014-02-18 2014-03-16
4.9
None Local Low Not required None Complete None
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value.
3 CVE-2014-1314 264 Exec Code Bypass 2014-04-23 2014-04-23
10.0
None Remote Low Not required Complete Complete Complete
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.
4 CVE-2014-1303 119 Exec Code Overflow Bypass 2014-03-26 2014-04-24
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.
5 CVE-2014-1297 20 Bypass 2014-04-02 2014-04-02
5.0
None Remote Low Not required Partial None None
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access.
6 CVE-2014-1296 264 Bypass 2014-04-23 2014-04-23
4.3
None Remote Medium Not required Partial None None
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.
7 CVE-2014-1285 264 Bypass 2014-03-14 2014-03-14
5.8
None Remote Medium Not required Partial Partial None
Springboard in Apple iOS before 7.1 allows physically proximate attackers to bypass intended access restrictions and read the home screen by leveraging an application crash during activation of an unactivated device.
8 CVE-2014-1282 264 Bypass 2014-03-14 2014-03-14
5.8
None Remote Medium Not required Partial Partial None
The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name.
9 CVE-2014-1273 20 Bypass 2014-03-14 2014-03-14
5.8
None Remote Medium Not required Partial Partial None
dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.
10 CVE-2014-1267 20 Bypass 2014-03-14 2014-03-14
5.8
None Remote Medium Not required Partial Partial None
The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed.
11 CVE-2014-1265 264 Bypass 2014-02-26 2014-02-27
4.6
None Local Low Not required Partial Partial Partial
The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.
12 CVE-2014-1264 264 Bypass 2014-02-26 2014-03-10
3.3
None Local Medium Not required Partial Partial None
Finder in Apple OS X before 10.9.2 does not ensure ACL integrity after the viewing of file ACL information, which allows local users to bypass intended access restrictions in opportunistic circumstances via standard filesystem operations on a file with a damaged ACL.
13 CVE-2014-1262 119 Overflow Mem. Corr. Bypass 2014-02-26 2014-02-27
7.5
None Remote Low Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.
14 CVE-2014-1257 264 Bypass 2014-02-26 2014-02-27
3.6
None Local Low Not required Partial Partial None
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an unattended workstation.
15 CVE-2014-1256 119 Overflow Bypass 2014-02-26 2014-02-27
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
16 CVE-2014-1255 20 Bypass 2014-02-26 2014-02-27
7.5
None Remote Low Not required Partial Partial Partial
Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
17 CVE-2013-5227 264 Bypass 2013-12-18 2014-03-16
6.4
None Remote Low Not required Partial Partial None
Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields.
18 CVE-2013-5189 264 Bypass 2013-10-23 2013-10-24
5.8
None Remote Medium Not required Partial Partial None
Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the completion of an update.
19 CVE-2013-5179 264 Bypass 2013-10-23 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments.
20 CVE-2013-5171 264 Bypass 2013-10-23 2013-10-24
3.3
None Local Medium Not required Partial Partial None
CoreGraphics in Apple Mac OS X before 10.9 allows local users to bypass secure input mode and log an arbitrary application's keystrokes via a hotkey event registration.
21 CVE-2013-5165 264 Bypass 2013-10-23 2013-10-24
6.4
None Remote Low Not required Partial Partial None
socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking was configured.
22 CVE-2013-5164 362 Bypass 2013-10-23 2013-10-24
3.3
None Local Medium Not required Partial Partial None
Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane.
23 CVE-2013-5163 287 Bypass 2013-10-04 2013-10-07
6.6
None Local Low Not required None Complete Complete
Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors.
24 CVE-2013-5162 264 Bypass 2013-10-23 2013-10-24
2.1
None Local Low Not required Partial None None
Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass the passcode-failure disabled state by leveraging certain incorrect visibility of the passcode-entry view after use of the Phone app.
25 CVE-2013-5161 264 Bypass 2013-09-27 2013-10-07
4.4
None Local Medium Not required Partial Partial Partial
Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors.
26 CVE-2013-5160 264 Bypass 2013-09-27 2013-10-07
3.3
None Local Medium Not required Partial Partial None
Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference.
27 CVE-2013-5159 264 Bypass +Info 2013-09-19 2013-10-22
4.3
None Remote Medium Not required Partial None None
WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element.
28 CVE-2013-5156 264 Bypass 2013-09-19 2013-10-22
4.3
None Remote Medium Not required Partial None None
The Telephony subsystem in Apple iOS before 7 does not require API conformity for access to telephony-daemon interfaces, which allows attackers to bypass intended restrictions on phone calls via a crafted app that sends direct requests to the daemon.
29 CVE-2013-5154 264 Bypass 2013-09-19 2013-10-25
4.3
None Remote Medium Not required None Partial None
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass intended access restrictions via a crafted application.
30 CVE-2013-5147 362 Bypass 2013-09-19 2013-09-26
3.7
None Local High Not required Partial Partial Partial
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card.
31 CVE-2013-5144 264 Bypass 2013-10-23 2013-10-24
3.3
None Local Medium Not required Partial Partial None
Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the emergency-call button during a certain notification and camera-pane state to trigger a NULL pointer dereference.
32 CVE-2013-3951 20 Bypass 2013-06-05 2013-06-06
4.6
None Local Low Not required Partial Partial Partial
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program.
33 CVE-2013-3949 264 Bypass 2013-06-05 2013-06-05
2.1
None Local Low Not required None Partial None
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the posix_spawnattr_setflags function.
34 CVE-2013-1033 264 Bypass 2013-09-16 2013-09-18
5.5
None Remote Low Single system Partial Partial None
Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access.
35 CVE-2013-1031 264 Bypass 2013-09-16 2013-09-19
3.3
None Local Medium Not required Partial Partial None
Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a locking failure had prevented the startup of the screen saver.
36 CVE-2013-0982 200 Bypass +Info 2013-06-05 2013-06-05
1.7
None Local Low Single system Partial None None
The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.
37 CVE-2013-0980 264 Bypass 2013-03-20 2013-03-21
2.1
None Local Low Not required None Partial None
The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature.
38 CVE-2013-0978 200 Bypass +Info 2013-03-20 2013-03-21
2.1
None Local Low Not required Partial None None
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.
39 CVE-2013-0977 Bypass 2013-03-20 2013-03-21
4.6
None Local Low Not required Partial Partial Partial
dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments.
40 CVE-2013-0974 Exec Code Bypass 2013-01-29 2013-02-05
5.1
None Remote High Not required Partial Partial Partial
StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.
41 CVE-2013-0970 Bypass 2013-03-15 2013-03-15
4.3
None Remote Medium Not required None Partial None
Messages in Apple Mac OS X before 10.8.3 allows remote attackers to bypass the FaceTime call-confirmation prompt via a crafted FaceTime: URL.
42 CVE-2013-0969 264 Bypass 2013-03-15 2013-03-18
4.9
None Local Low Not required None Complete None
Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard.
43 CVE-2013-0967 Bypass 2013-03-15 2013-03-18
4.3
None Remote Medium Not required None Partial None
CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site.
44 CVE-2013-0966 Bypass 2013-03-15 2013-03-18
6.4
None Remote Low Not required Partial Partial None
The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.
45 CVE-2013-0964 20 Bypass 2013-01-29 2013-02-05
3.6
None Local Low Not required Partial Partial None
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.
46 CVE-2013-0963 20 Bypass 2013-01-29 2013-03-15
2.1
None Local Low Not required None Partial None
Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID certificates, which might allow physically proximate attackers to bypass authentication by leveraging an incorrect assignment of an empty string value to an AppleID.
47 CVE-2013-0957 264 Bypass 2013-09-19 2013-10-10
5.8
None Remote Medium Not required Partial Partial None
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox.
48 CVE-2012-5851 79 XSS Bypass 2012-11-15 2012-11-19
4.3
None Remote Medium Not required None Partial None
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
49 CVE-2012-3750 264 Bypass 2012-11-03 2013-03-01
3.6
None Local Low Not required Partial Partial None
The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors.
50 CVE-2012-3749 200 Bypass +Info 2012-11-03 2013-08-17
5.0
None Remote Low Not required Partial None None
The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app.
Total number of vulnerabilities : 166   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.