CVE-2019-9536

CVE-2019-9536 affects the Apple iPhone 3GS bootrom malloc implementation, which returns a non-NULL pointer when memory allocation fails (alloc8). The vulnerability enables an attacker with physical access to install arbitrary firmware on the device. The connected documents provide the affected co...

A single click to achieve remote code execution: content management framework Drupal malicious image upload exploit chain analysis-vulnerability warning-the black bar safety net

Overview Recently, Drupal has released a set for the 7. x and 8. x version key patch. In the update, contains a set of vulnerabilities fix the vulnerabilities is our initial participation in the for the target of the vulnerability incentive program when submitted. These vulnerabilities can achiev...

iOS My DBLite Edition - Remote 0day DoS Exploit

No description provided by source. !/usr/bin/python Apple Iphone/Ipod - My DBLite Edition Remote 0day DOS exploit Found by: Jason Bowes - admin @ blue-dogz.com App Homepage: www.xenugo.co Price: Free Download: From the app store use your itunes account Tested on: Iphone 3GS - firmware 3.1.2 What'...

APPLE-SA-2014-02-21-2 iOS 7.0.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

APPLE-SA-2014-02-21-1 iOS 6.1.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

Data Encryption, 3.1/3GS

Apple’s decision to add data encryption with the iPhone 3GS was a nod to enterprise customers who wanted to offer iPhones to their employees, but were wary of the lack of security features compared with competing platforms like RIM’s Blackberry. Still, when they finally got around to it – with th...

Apple Mobile Safari "decodeURI()"远程拒绝服务漏洞

BUGTRAQ ID: 45516 Safari是苹果家族机器操作系统中默认捆绑的WEB浏览器。 Safari的decodeURI函数在实现上存在漏洞，攻击者可利用此漏洞应用程序崩溃，造成拒绝服务。 Apple Safari 厂商补丁： Apple ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.apple.com ?php / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / /...

Apple iOS Safari - 'decodeURI' Remote Crash

Apple iPhone 3 Safari JavaScript - decodeURI Remote Crash decodeURI'$string'; "; iffileputcontents"./crash.html", $code echo"Point your safari mobile browser to crash.html.\r\n"; else echo"Cannot create file.\r\n"; ?...

CVE-2010-1226

The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...

iPhone Springboard Malformed Character Crash PoC

Exploit for hardware platform in category dos / poc ================================================ iPhone Springboard Malformed Character Crash PoC ================================================ !/usr/bin/python iPhone Springboard crash PoC by Chase Higgins. Devices tested: iPhone 2G @ OS 3.1...

iPhone Springboard - Malformed Character Crash (PoC)

!/usr/bin/python iPhone Springboard crash PoC by Chase Higgins. Devices tested: iPhone 2G @ OS 3.1, iPhone 3GS @ 3.1.3 this script acts as webserver, and causes Safari, as well as Mail and Springboard to crash all these apps crash after running this exploit on the iPhone. Unable to debug any of...

iPhone FTP Server By Zhang Boyang Remote DoS Exploit

Exploit for unknown platform in category dos / poc ==================================================== iPhone FTP Server By Zhang Boyang Remote DoS Exploit ==================================================== !/usr/bin/perl Exploit: FTP Server By Zhang Boyang - Remote Dos Exploit Date: 24/02/10...

iPhone FTP Server By Zhang Boyang - Remote Denial of Service

!/usr/bin/perl Exploit: FTP Server By Zhang Boyang - Remote Dos Exploit Date: 24/02/10 Author: Ale46 Software Link: http://itunes.apple.com/us/app/ftp-server/id356055128?mt=8 Version: 1.0 Tested on: Iphone 3GS with 3.1.2 firmware Greetz: Gandalf use IO::Socket; if @ARGV\n"; exit; my $host = $ARGV...

iFTPStorage v1.2 for Iphone\Ipod - Remote Dos Exploit

No description provided by source. !/usr/bin/perl Exploit: iFTPStorage for Iphone\Ipod - Remote Dos Exploit Date: 20/02/10 Author: Ale46 Software Link: http://itunes.apple.com/us/app/iftpstorage/id333357690?mt=8 Version: 1.2 Tested on: Iphone 3GS with 3.1.2 firmware Note: iFTSTorage Lite is also...

iPhone, Android, Others Get Man in the Middle Treatment

Security researchers have released a paper detailing successful man-in-the-middle attacks against several smartphones. The SSL enabled log in sessions on the tested, Nokia N95, HTC Tilt, Android G1 and iPhone 3GS devices was sniffed using the publicly available SSLstrip tool, with the attack taki...