18 matches found
CVE-2008-3632
CVE-2008-3632 is a WebKit use-after-free vulnerability reported in SUSE/Nessus entries, affecting Apple iPod touch (1.1–2.0.2) and iPhone (1.0–2.0.2). The flaw arises in the CSS import handling of WebKit, enabling a remote attacker to trigger arbitrary code execution or cause an application crash...
CVE-2009-1692
CVE-2009-1692 affects WebKit (as used in Apple Safari, Mobile Safari on iPhone OS 1.0–2.2.x, iPod touch; and related WebKit-based apps). The issue is triggered by a large length attribute on an HTMLSelectElement, causing memory consumption or device reset (denial of service). Root cause: improper...
CVE-2009-1698
CVE-2009-1698 affects WebKit-based components (Safari before 4.0 and iPhone OS/iPod touch up to 2.2.1). The issue is an uninitialized pointer during handling of a CSS attr() function with a large numeric argument, enabling remote code execution or memory-corruption-induced denial of service via a...
CVE-2009-1725
CVE-2009-1725 is a vulnerability in WebKit-based rendering used by Apple Safari (and KDE’s khtml/kdelibs, QtWebKit, and related WebKit-powered components) where improper handling of numeric character references can allow remote attackers to cause memory corruption, potentially executing code or c...
CVE-2009-1702
CVE-2009-1702 is an XSS vulnerability in WebKit used by Apple Safari and the iPhone OS Safari implementation, allowing remote attackers to inject arbitrary web script or HTML via improper handling of Location and History objects. Affected products include Safari
CVE-2009-1724
Summary: CVE-2009-1724 is a cross-site scripting (XSS) vulnerability in WebKit used by Apple Safari prior to 4.0.2 (on iPhone OS before 3.1 and 3.1.1 for iPod touch, among others). Root cause: arbitrary web script/HTML can be injected via vectors related to parent and top objects. Impact (as stat...
CVE-2009-1700
The CVE-2009-1700 entry describes a vulnerability in WebKit’s XSLT handling that affects Apple Safari before 4.0, iPhone OS 1.0–2.2.1, and iPhone OS for iPod touch 1.1–2.2.1. The issue is improper processing of redirects, enabling remote attackers to read XML content from arbitrary pages via a cr...
CVE-2009-1701
CVE-2009-1701 is a use-after-free in WebKit's JavaScript DOM handling, affecting Apple Safari before 4.0 (and related iPhone OS versions). Exploitation involves destroying a document.body with an XML container and dir attributes, enabling remote code execution or a denial of service through memor...
CVE-2008-3950
The CVE is based on a real DoS vulnerability in WebKit used by Safari on iPhone/iPod touch (versions 1.1.4 and 2.0). The issue is an off-by-one in _web_drawInRect:withFont:ellipsis:alignment:measureOnly: triggered by a crafted alert() string with a length that is a multiple of the 4096-byte memor...
CVE-2009-1680
CVE-2009-1680 affects Safari on Apple iPhone OS versions 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1. The issue is that the browser does not properly clear the search history when cleared from the Settings application, allowing physically proximate attackers to obtain the sea...
CVE-2009-0960
CVE-2009-0960 affects Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1, specifically the Mail component. The underlying issue is that there is no option to disable remote image loading in HTML email, which allows a remote attacker to determine the device’s address and when an emai...
CVE-2009-0961
The CVE-2009-0961 issue affects Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1. The Mail component could dismiss the call-approval dialog when another alert appears, potentially allowing a remote attacker to place a call without user approval by triggering an alert. The connecte...
CVE-2009-2206
The CVE-2009-2206 issue affects Apple iPhone OS AudioCodecs (CoreAudio) where multiple heap-based buffer overflows occur while parsing AAC/MP3 streams. Vulnerable on iPhone OS <3.1 and iPod touch
CVE-2009-1683
The CVE-2009-1683 issue affects Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1, where a remote attacker can trigger a denial of service (device reset) via a crafted ICMP echo request. The root cause is described as a logic issue in the Telephony component, leading to an assertio...
CVE-2008-3631
CVE-2008-3631 affects Apple iPod touch/iPhone 2.0 era. The Application Sandbox fails to properly isolate third‑party applications, allowing a malicious or compromised third‑party app to read arbitrary files in another third‑party sandbox. Root cause: inadequate sandbox isolation between third‑par...
CVE-2009-0958
Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1 store an exception for a hostname after the user accepts an untrusted Exchange certificate, causing the certificate to be accepted in future use and enabling remote Exchange servers to obtain sensitive information such as credential...
CVE-2009-1679
The CVE covers Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1. The Profiles component, when installing a configuration profile, can replace ActiveSync’s password policy with a weaker one, allowing physically proximate attackers to bypass the policy. Impact: bypass of password po...
CVE-2009-0959
CVE-2009-0959 affects Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1. The vulnerability is in the MPEG-4 video codec and is caused by an input validation issue in a crafted MPEG-4 video file, leading to a denial of service (device reset). Exploitation details are not provided in...