Iphone Os@8.0.2 Security Vulnerabilities and Issues — Iphone Os@8.0.2 CVE List

Lucene search

AppleIphone Os8.0.2

9 matches found

CVE•added 2017/09/12 3:29 p.m.•181 views

CVE-2017-14315

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attack...

7.9CVSS7.5AI score0.00074EPSS

CVE•added 2015/05/28 1:59 a.m.•67 views

CVE-2015-1157

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2...

7.8CVSS3.8AI score0.03098EPSS

CVE•added 2014/11/18 11:59 a.m.•54 views

CVE-2014-4460

CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.

2.1CVSS2.8AI score0.00072EPSS

CVE•added 2014/11/18 11:59 a.m.•52 views

CVE-2014-4453

Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.

5CVSS5.5AI score0.00782EPSS

CVE•added 2014/11/18 11:59 a.m.•50 views

CVE-2014-4462

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452.

5.8CVSS7.8AI score0.01266EPSS

CVE•added 2014/11/18 11:59 a.m.•45 views

CVE-2014-4461

The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.

9.3CVSS4.2AI score0.0186EPSS

CVE•added 2014/11/18 11:59 a.m.•42 views

CVE-2014-4451

Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses.

7.2CVSS5.7AI score0.00072EPSS

CVE•added 2014/11/18 11:59 a.m.•40 views

CVE-2014-4457

The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled.

7.5CVSS5.5AI score0.01115EPSS

CVE•added 2014/11/18 11:59 a.m.•36 views

CVE-2014-4463

Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.

2.1CVSS5.9AI score0.00082EPSS