CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Iphone Os : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-1786 200 Bypass +Info 2016-03-23 2016-03-25
5.8
None Remote Medium Not required Partial Partial None
The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted web site.
2 CVE-2016-1766 2016-03-23 2016-03-25
5.0
None Remote Low Not required None Partial None
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
3 CVE-2016-1730 19 2016-02-01 2016-02-16
5.8
None Remote Medium Not required Partial Partial None
WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.
4 CVE-2015-8242 119 DoS Overflow +Info 2015-12-15 2016-04-01
5.8
None Remote Medium Not required Partial None Partial
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
5 CVE-2015-7995 DoS 2015-11-17 2016-03-29
5.0
None Remote Low Not required None None Partial
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
6 CVE-2015-7500 119 DoS Overflow 2015-12-15 2016-04-12
5.0
None Remote Low Not required None None Partial
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
7 CVE-2015-7499 119 Overflow +Info 2015-12-15 2016-04-12
5.0
None Remote Low Not required Partial None None
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
8 CVE-2015-7081 2015-12-11 2015-12-11
5.0
None Remote Low Not required Partial None None
iBooks in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to read arbitrary files via an iBooks file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
9 CVE-2015-7037 22 Dir. Trav. 2015-12-11 2015-12-11
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname.
10 CVE-2015-7023 17 2015-10-23 2015-10-26
5.8
None Remote Medium Not required None Partial Partial
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.
11 CVE-2015-6999 254 2015-10-23 2015-10-23
5.0
None Remote Low Not required None Partial None
The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.
12 CVE-2015-5912 17 2015-09-18 2015-10-09
5.0
None Remote Low Not required None Partial None
The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses.
13 CVE-2015-5906 200 +Info 2015-09-18 2015-09-18
5.0
None Remote Low Not required Partial None None
The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a password by leveraging a later prediction containing that character.
14 CVE-2015-5905 254 2015-09-18 2015-09-18
5.0
None Remote Low Not required None Partial None
Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site.
15 CVE-2015-5885 200 +Info 2015-09-18 2015-10-09
5.0
None Remote Low Not required Partial None None
The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vectors involving a cookie for a top-level domain.
16 CVE-2015-5879 20 DoS Bypass 2015-09-18 2015-10-09
5.0
None Remote Low Not required None None Partial
XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header.
17 CVE-2015-5860 200 Bypass +Info 2015-09-18 2015-10-13
5.0
None Remote Low Not required Partial None None
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site.
18 CVE-2015-5858 200 Bypass +Info 2015-09-18 2015-10-13
5.0
None Remote Low Not required Partial None None
The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.
19 CVE-2015-5857 254 2015-09-18 2015-09-18
5.0
None Remote Low Not required None Partial None
Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors.
20 CVE-2015-5841 74 2015-09-18 2015-10-20
5.0
None Remote Low Not required None Partial None
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.
21 CVE-2015-5840 119 DoS Overflow 2015-09-18 2015-10-09
5.0
None Remote Low Not required None None Partial
The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data.
22 CVE-2015-5839 254 Bypass 2015-09-18 2015-10-09
5.0
None Remote Low Not required None Partial None
dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file.
23 CVE-2015-5831 200 +Info 2015-09-18 2015-10-20
5.0
None Remote Low Not required Partial None None
NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app.
24 CVE-2015-5827 200 Bypass +Info 2015-09-18 2015-10-20
5.0
None Remote Low Not required Partial None None
WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.
25 CVE-2015-5770 264 2015-08-16 2015-08-19
5.8
None Remote Medium Not required None Partial Partial
MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app.
26 CVE-2015-5766 22 Dir. Trav. 2015-08-16 2015-08-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.
27 CVE-2015-5759 254 2015-08-16 2015-08-19
5.0
None Remote Low Not required None Partial None
WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that leverages tap events.
28 CVE-2015-5752 59 Bypass 2015-08-16 2015-08-19
5.0
None Remote Low Not required Partial None None
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
29 CVE-2015-5746 284 Bypass 2015-08-16 2015-08-19
5.0
None Remote Low Not required Partial None None
AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via an afc command that leverages symlink mishandling.
30 CVE-2015-3801 264 Bypass 2015-09-18 2015-10-21
5.0
None Remote Low Not required None Partial None
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.
31 CVE-2015-3784 200 +Info 2015-08-16 2015-10-20
5.0
None Remote Low Not required Partial None None
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
32 CVE-2015-3753 200 Bypass +Info 2015-08-16 2015-08-18
5.0
None Remote Low Not required Partial None None
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive image data by leveraging a redirect to a data:image resource.
33 CVE-2015-3752 200 +Info 2015-08-16 2015-08-18
5.0
None Remote Low Not required Partial None None
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request.
34 CVE-2015-3751 254 Bypass 2015-08-16 2015-08-18
5.0
None Remote Low Not required None Partial None
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
35 CVE-2015-1819 399 DoS 2015-08-14 2016-04-12
5.0
None Remote Low Not required None None Partial
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
36 CVE-2015-1118 DoS Mem. Corr. 2015-04-10 2015-09-11
5.0
None Remote Low Not required None None Partial
libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
37 CVE-2015-1112 200 +Info 2015-04-10 2015-11-30
5.0
None Remote Low Not required Partial None None
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and other platforms, does not properly delete browsing-history data from the history.plist file, which allows attackers to obtain sensitive information by reading this file.
38 CVE-2015-1111 200 +Info 2015-04-10 2015-09-30
5.0
None Remote Low Not required Partial None None
Safari in Apple iOS before 8.3 does not delete Recently Closed Tabs data in response to a history-clearing action, which allows attackers to obtain sensitive information by reading a history file.
39 CVE-2015-1110 200 +Info 2015-04-10 2015-09-30
5.0
None Remote Low Not required Partial None None
The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data.
40 CVE-2015-1105 20 DoS 2015-04-10 2015-09-30
5.0
None Remote Low Not required None None Partial
The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.
41 CVE-2015-1104 20 Bypass 2015-04-10 2015-09-30
5.0
None Remote Low Not required None Partial None
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet.
42 CVE-2015-1100 119 DoS Overflow +Info 2015-04-10 2015-09-10
5.4
None Local Medium Not required Partial None Complete
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.
43 CVE-2015-1092 2015-04-10 2015-08-06
5.0
None Remote Low Not required Partial None None
NSXMLParser in Foundation in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
44 CVE-2015-1090 200 +Info 2015-04-10 2015-09-30
5.0
None Remote Low Not required Partial None None
CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file.
45 CVE-2015-1089 200 Bypass +Info 2015-04-10 2015-09-30
5.0
None Remote Low Not required Partial None None
CFNetwork in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
46 CVE-2015-1084 17 2015-03-18 2015-09-30
5.0
None Remote Low Not required None Partial None
The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.
47 CVE-2015-1065 119 Exec Code Overflow 2015-03-12 2015-09-28
5.4
None Local Network Medium Not required Partial Partial Partial
Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery.
48 CVE-2015-1062 19 2015-03-12 2015-09-11
5.0
None Remote Low Not required None Partial None
MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a crafted app.
49 CVE-2014-4496 264 Bypass 2015-01-30 2015-03-12
5.0
None Remote Low Not required Partial None None
The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.
50 CVE-2014-4491 200 Bypass +Info 2015-01-30 2015-11-17
5.0
None Remote Low Not required Partial None None
The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.
Total number of vulnerabilities : 100   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.