Iphone Os Security Vulnerabilities and Issues — Iphone Os CVE List

Lucene search

AppleIphone Os

7 matches found

CVE•added 2013/06/05 2:39 p.m.•62 views

CVE-2013-3951

sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-gua...

4.6CVSS5.7AI score0.00061EPSS

CVE•added 2013/06/05 2:39 p.m.•48 views

CVE-2013-3953

The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.

4.9CVSS4.9AI score0.00146EPSS

CVE•added 2013/06/05 2:39 p.m.•43 views

CVE-2013-3950

Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.

5CVSS6.2AI score0.00845EPSS

CVE•added 2013/06/05 2:39 p.m.•42 views

CVE-2013-3948

Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an ...

4.3CVSS6AI score0.00389EPSS

CVE•added 2013/06/05 2:39 p.m.•40 views

CVE-2013-3955

The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to cause a denial of service (memory corruption) or have unspecified other impact via an invalid file on an...

6.2CVSS6.4AI score0.00182EPSS

CVE•added 2013/06/05 2:39 p.m.•39 views

CVE-2013-3954

The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive in...

6.9CVSS5.8AI score0.00116EPSS

CVE•added 2013/06/18 2:55 p.m.•38 views

CVE-2013-4616

The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that...

5.8CVSS5.9AI score0.00568EPSS