| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2011-3441 |
200 |
|
+Info |
2011-11-11 |
2012-02-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname. |
|
2 |
CVE-2011-3440 |
264 |
|
|
2011-11-11 |
2011-11-15 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation. |
|
3 |
CVE-2011-3439 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-11-11 |
2012-12-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. |
|
4 |
CVE-2010-1809 |
|
|
|
2010-09-09 |
2010-09-14 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. |
|
5 |
CVE-2010-0038 |
399 |
|
Mem. Corr. Bypass |
2010-02-03 |
2010-03-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption. |
|
6 |
CVE-2009-3273 |
310 |
|
|
2009-09-21 |
2009-09-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. |
|
7 |
CVE-2009-2815 |
399 |
|
DoS |
2009-09-10 |
2009-09-24 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. |
|
8 |
CVE-2009-2797 |
200 |
|
+Info |
2009-09-10 |
2012-10-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. |
|
9 |
CVE-2009-2795 |
119 |
|
Overflow Bypass |
2009-09-10 |
2012-10-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." |
|
10 |
CVE-2009-2204 |
|
|
Exec Code Mem. Corr. |
2009-08-03 |
2010-03-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. |
|
11 |
CVE-2009-1690 |
399 |
|
DoS Exec Code Mem. Corr. |
2009-06-10 |
2011-02-24 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." |
|
12 |
CVE-2008-4233 |
|
|
|
2008-11-25 |
2008-12-03 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. |
|
13 |
CVE-2008-4232 |
|
|
|
2008-11-25 |
2008-12-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. |
|
14 |
CVE-2008-4231 |
399 |
|
DoS Exec Code Mem. Corr. |
2008-11-25 |
2009-06-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. |
|
15 |
CVE-2008-4230 |
264 |
|
+Info |
2008-11-25 |
2008-12-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593. |
|
16 |
CVE-2008-4229 |
362 |
|
|
2008-11-25 |
2008-12-03 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. |
|
17 |
CVE-2008-4228 |
264 |
|
|
2008-11-25 |
2008-12-03 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. |
|
18 |
CVE-2008-4227 |
310 |
|
+Info |
2008-11-25 |
2011-09-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. |
|
19 |
CVE-2008-1586 |
399 |
|
DoS |
2008-11-25 |
2009-02-20 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. |
