CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Iphone Os » 4.3.0 : Security Vulnerabilities Published In 2011

Cpe Name:cpe:/o:apple:iphone_os:4.3.0
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2011-3442 399 Exec Code 2011-11-11 2012-02-14
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.
2 CVE-2011-3441 200 +Info 2011-11-11 2012-02-03
4.3
None Remote Medium Not required Partial None None
libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname.
3 CVE-2011-3440 264 2011-11-11 2011-11-15
1.2
None Local High Not required Partial None None
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation.
4 CVE-2011-3439 119 DoS Exec Code Overflow Mem. Corr. 2011-11-11 2012-12-18
9.3
None Remote Medium Not required Complete Complete Complete
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
5 CVE-2011-3434 255 +Info 2011-10-14 2011-10-20
4.3
None Remote Medium Not required Partial None None
The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.
6 CVE-2011-3432 399 DoS 2011-10-14 2011-10-20
5.0
None Remote Low Not required None None Partial
The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog.
7 CVE-2011-3431 200 +Info 2011-10-14 2011-10-20
2.1
None Local Low Not required Partial None None
The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen.
8 CVE-2011-3430 2011-10-14 2011-10-20
9.3
None Remote Medium Not required Complete Complete Complete
The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display.
9 CVE-2011-3429 255 +Info 2011-10-14 2011-10-20
2.1
None Local Low Not required Partial None None
The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file.
10 CVE-2011-3427 200 +Info 2011-10-14 2013-10-30
2.6
None Remote High Not required Partial None None
The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
11 CVE-2011-3426 79 XSS 2011-10-14 2012-07-26
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before 5 allows remote web servers to inject arbitrary web script or HTML via a file accompanied by a "Content-Disposition: attachment" HTTP header.
12 CVE-2011-3261 94 DoS Exec Code 2011-10-14 2012-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Excel spreadsheet.
13 CVE-2011-3260 94 DoS Exec Code Overflow 2011-10-14 2012-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document.
14 CVE-2011-3259 399 DoS 2011-10-14 2012-01-11
5.0
None Remote Low Not required None None Partial
The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resource consumption) by making many connection attempts.
15 CVE-2011-3257 264 Bypass 2011-10-14 2012-01-13
2.1
None Local Low Not required Partial None None
The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cookie.
16 CVE-2011-3256 94 DoS Exec Code Mem. Corr. 2011-10-14 2012-12-18
4.3
None Remote Medium Not required None Partial None
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.
17 CVE-2011-3255 255 +Info 2011-10-14 2012-01-11
4.3
None Remote Medium Not required Partial None None
CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.
18 CVE-2011-3254 79 XSS 2011-10-14 2011-10-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note.
19 CVE-2011-3253 200 +Info 2011-10-14 2011-10-14
2.6
None Remote High Not required Partial None None
CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate.
20 CVE-2011-3246 200 +Info 2011-10-14 2012-02-03
5.0
None Remote Low Not required Partial None None
CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL.
21 CVE-2011-3245 255 +Info 2011-10-14 2011-10-20
2.1
None Local Low Not required Partial None None
The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitive information by reading this character.
22 CVE-2011-3243 79 XSS 2011-10-14 2011-10-20
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows.
23 CVE-2011-1417 189 DoS Exec Code Overflow Mem. Corr. 2011-03-11 2012-03-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011.
24 CVE-2011-1344 399 Exec Code 2011-03-10 2012-03-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
25 CVE-2011-0228 20 2011-08-29 2011-09-21
7.5
None Remote Low Not required Partial Partial Partial
The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.
26 CVE-2011-0227 264 +Priv 2011-07-19 2011-07-26
7.2
None Local Low Not required Complete Complete Complete
The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application.
27 CVE-2011-0226 189 DoS Exec Code Mem. Corr. 2011-07-19 2011-10-25
9.3
None Remote Medium Not required Complete Complete Complete
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
28 CVE-2011-0195 200 +Info 2011-04-15 2011-07-22
4.3
None Remote Medium Not required Partial None None
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.
Total number of vulnerabilities : 28   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.