Lucene search
+L

4275 matches found

Cvelist
Cvelist
added 2009/09/10 9:0 p.m.36 views

CVE-2009-2815

The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service NULL pointer dereference and service interruption via a crafted SMS message...

6.1AI score0.02467EPSS
Exploits1References3
CVE
CVE
added 2009/09/10 9:0 p.m.63 views

CVE-2009-2797

CVE-2009-2797 affects the WebKit component used by Safari on Apple iPhone OS prior to 3.1 (and iPhone OS prior to 3.1.1 on iPod touch). The issue is that usernames and passwords sent in URLs are not removed from Referer headers, allowing remote attackers to obtain sensitive information by reading...

5CVSS8.1AI score0.03577EPSS
Exploits0References13Affected Software1
CVE
CVE
added 2009/09/10 9:0 p.m.51 views

CVE-2009-2795

CVE-2009-2795: Heap-based buffer overflow in the Recovery Mode component of Apple iPhone OS before 3.1 and iPhone OS before 3.1.1 for iPod touch allows local users to bypass the passcode and access arbitrary data via vectors related to "command parsing." This description is supported by multiple ...

7.2CVSS6.5AI score0.0037EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2009/09/10 9:0 p.m.50 views

CVE-2009-2794

The CVE-2009-2794 issue affects Apple iPhone OS before 3.1 (and iPhone OS before 3.1.1 on iPod touch) in the Exchange Support component. The root cause is the Maximum inactivity time lock not being properly implemented, which lets a local user bypass Exchange restrictions by selecting a large Req...

4.6CVSS5.9AI score0.00258EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2009/09/10 9:0 p.m.57 views

CVE-2009-2206

The CVE-2009-2206 issue affects Apple iPhone OS AudioCodecs (CoreAudio) where multiple heap-based buffer overflows occur while parsing AAC/MP3 streams. Vulnerable on iPhone OS <3.1 and iPod touch

6.8CVSS7.9AI score0.04626EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2009/09/10 9:0 p.m.52 views

CVE-2009-2796

CVE-2009-2796 affects the UIKit component in Apple iPhone OS 3.0 (and 3.0.1 on iPod touch). The issue lets physically proximate attackers observe a user’s password when the user undoes deletions in a password field, exposing partial confidentiality. The source documents do not provide a mitigatio...

2.1CVSS6.3AI score0.00363EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2009/09/10 9:0 p.m.62 views

CVE-2009-2815

CVE-2009-2815 affects the Telephony component in Apple iPhone OS prior to 3.1. A crafted SMS arrival notification can trigger a NULL pointer dereference, causing a denial-of-service (service interruption). No explicit exploit details or patch information are provided in the connected documents; r...

7.8CVSS6.2AI score0.02467EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/09/10 9:0 p.m.29 views

CVE-2009-2207

The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages...

5.4AI score0.00345EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/09/10 9:0 p.m.24 views

CVE-2009-2796

The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password...

6.2AI score0.00363EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2009/09/10 12:0 a.m.15 views

PT-2009-4655 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions prior to 3.1 Apple iPhone OS versions prior to 3.1.1 for iPod touch Description: The issue is related to multiple heap-based buffer overflows in the AudioCodecs library within the CoreAudio component. This can be...

6.8CVSS7.4AI score0.04626EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2009/09/02 12:0 a.m.20 views

dTunes 2.72 Format String

!/usr/bin/perl dTunes 2.72 local format string PoC filename processing TheLeader, GSOG2009 st0p hotmail sp4m com ShoutZ to the wonderful ppl over at forums.hacking.org.il = Copy the file over to your device on /var/mobile/Library/Downloads/ and attempt playing with dTunes. This can also be done...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.7 views

Apple iPhone/iPod touch Mobile Safari Alert远程拒绝服务漏洞

Bugraq ID: 36195 iPod touch是苹果公司发布的MP4播放器,iPhone是其发布的智能手机。 Apple iPhone/iPod touch包含的Safari浏览器处理Alert函数存在问题,攻击者可以构建恶意WEB页,诱使用户打开,使应用程序崩溃。 Apple iPod Touch 2.2.1 Apple iPod Touch 2.0.2 Apple iPod Touch 2.0.1 Apple iPod Touch 1.1.4 Apple iPod Touch 1.1.3 Apple iPod Touch 1.1.2 Apple iPod Touch 1.1....

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/09/01 12:0 a.m.15 views

Apple iPhone 2.2.1 / 3.x Crash And Reboot

Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG2009 st0p hotmail sp4m com Shoutz: hacking.org.il, nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will spontaneously reboot. Exploit: va...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/08/31 12:0 a.m.17 views

Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit

No description provided by source. Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/08/31 12:0 a.m.15 views

Apple iPhone 2.2.13.x - MobileSafari Crash + Reboot (Denial of Service)

Apple iPhone 2.2.13.x - MobileSafari Crash + Reboot Denial of Service Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/31 12:0 a.m.34 views

Apple iPhone 2.2.1/3.x - MobileSafari Crash + Reboot (Denial of Service)

Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will spontaneously reboot. Exploit: var a =...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2009/08/26 3:43 p.m.10 views

iPhone Eavesdropping Coming Soon

From The Last Watchdog Byron Acohido How much time should vendors of popular technology be given to fix a known security flaw? That’s the central question of the “full disclosure” debate – and one that is being tested again via Karsten Nohl’s campaign to compile a decryption handbook useful for...

1AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2009/08/12 7:30 p.m.3 views

CVE-2009-2199

Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs...

5.8CVSS5.7AI score0.0259EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2009/08/12 7:0 p.m.29 views

CVE-2009-2199

Removed by vendor...

5.8CVSS6.7AI score0.0259EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2009/08/12 12:0 a.m.3 views

PT-2009-4648 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0.3 iPhone OS versions prior to 3.1 iPhone OS versions prior to 3.1.1 for iPod touch Description: The issue allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via...

5.8CVSS6.1AI score0.0259EPSS
Exploits0References12
Rows per page
Query Builder