4275 matches found
CVE-2009-2815
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service NULL pointer dereference and service interruption via a crafted SMS message...
CVE-2009-2797
CVE-2009-2797 affects the WebKit component used by Safari on Apple iPhone OS prior to 3.1 (and iPhone OS prior to 3.1.1 on iPod touch). The issue is that usernames and passwords sent in URLs are not removed from Referer headers, allowing remote attackers to obtain sensitive information by reading...
CVE-2009-2795
CVE-2009-2795: Heap-based buffer overflow in the Recovery Mode component of Apple iPhone OS before 3.1 and iPhone OS before 3.1.1 for iPod touch allows local users to bypass the passcode and access arbitrary data via vectors related to "command parsing." This description is supported by multiple ...
CVE-2009-2794
The CVE-2009-2794 issue affects Apple iPhone OS before 3.1 (and iPhone OS before 3.1.1 on iPod touch) in the Exchange Support component. The root cause is the Maximum inactivity time lock not being properly implemented, which lets a local user bypass Exchange restrictions by selecting a large Req...
CVE-2009-2206
The CVE-2009-2206 issue affects Apple iPhone OS AudioCodecs (CoreAudio) where multiple heap-based buffer overflows occur while parsing AAC/MP3 streams. Vulnerable on iPhone OS <3.1 and iPod touch
CVE-2009-2796
CVE-2009-2796 affects the UIKit component in Apple iPhone OS 3.0 (and 3.0.1 on iPod touch). The issue lets physically proximate attackers observe a user’s password when the user undoes deletions in a password field, exposing partial confidentiality. The source documents do not provide a mitigatio...
CVE-2009-2815
CVE-2009-2815 affects the Telephony component in Apple iPhone OS prior to 3.1. A crafted SMS arrival notification can trigger a NULL pointer dereference, causing a denial-of-service (service interruption). No explicit exploit details or patch information are provided in the connected documents; r...
CVE-2009-2207
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages...
CVE-2009-2796
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password...
PT-2009-4655 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions prior to 3.1 Apple iPhone OS versions prior to 3.1.1 for iPod touch Description: The issue is related to multiple heap-based buffer overflows in the AudioCodecs library within the CoreAudio component. This can be...
dTunes 2.72 Format String
!/usr/bin/perl dTunes 2.72 local format string PoC filename processing TheLeader, GSOG2009 st0p hotmail sp4m com ShoutZ to the wonderful ppl over at forums.hacking.org.il = Copy the file over to your device on /var/mobile/Library/Downloads/ and attempt playing with dTunes. This can also be done...
Apple iPhone/iPod touch Mobile Safari Alert远程拒绝服务漏洞
Bugraq ID: 36195 iPod touch是苹果公司发布的MP4播放器,iPhone是其发布的智能手机。 Apple iPhone/iPod touch包含的Safari浏览器处理Alert函数存在问题,攻击者可以构建恶意WEB页,诱使用户打开,使应用程序崩溃。 Apple iPod Touch 2.2.1 Apple iPod Touch 2.0.2 Apple iPod Touch 2.0.1 Apple iPod Touch 1.1.4 Apple iPod Touch 1.1.3 Apple iPod Touch 1.1.2 Apple iPod Touch 1.1....
Apple iPhone 2.2.1 / 3.x Crash And Reboot
Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG2009 st0p hotmail sp4m com Shoutz: hacking.org.il, nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will spontaneously reboot. Exploit: va...
Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit
No description provided by source. Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will...
Apple iPhone 2.2.13.x - MobileSafari Crash + Reboot (Denial of Service)
Apple iPhone 2.2.13.x - MobileSafari Crash + Reboot Denial of Service Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for...
Apple iPhone 2.2.1/3.x - MobileSafari Crash + Reboot (Denial of Service)
Apple iPhone MobileSafari Crash & Reboot TheLeader, GSOG st0p hotmail sp4m com Shoutz: hacking.org.il nullbyte.org.il Tested on iPod Touch 2G, OS 2.2.1 Launch MobileSafari, enter the page and MobileSafari will freeze. Wait for 4-5 minutes and the device will spontaneously reboot. Exploit: var a =...
iPhone Eavesdropping Coming Soon
From The Last Watchdog Byron Acohido How much time should vendors of popular technology be given to fix a known security flaw? That’s the central question of the “full disclosure” debate – and one that is being tested again via Karsten Nohl’s campaign to compile a decryption handbook useful for...
CVE-2009-2199
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs...
CVE-2009-2199
Removed by vendor...
PT-2009-4648 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0.3 iPhone OS versions prior to 3.1 iPhone OS versions prior to 3.1.1 for iPod touch Description: The issue allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via...