7 matches found
CVE-2014-1252
CVE-2014-1252 corresponds to a double-free in Apple's Office Viewer when processing Microsoft Word documents. Affected product: macOS/iOS Apple Office components (Office Viewer/Word handling). Root cause: memory management error (double free) in Word document handling. Impact: remote code executi...
CVE-2025-46316
CVE-2025-46316 describes an out-of-bounds read vulnerability that occurs when processing a malicious Pages document. The root cause is insufficient bounds checking, addressed by improved input validation. Affected software includes Pages 15.1 on macOS Tahoe 26.1, as well as iOS 26.1 and iPadOS 26...
CVE-2015-7034
The CVE-2015-7034 entry applies to Apple iWork / Pages prior to versions: iOS iWork (2.6) and Pages (5.6) where parsing a crafted Pages document can trigger memory corruption, allowing remote code execution or a denial of service (application crash). The connected documents corroborate a memory‑c...
CVE-2017-2391
The CVE-2017-2391 issue affects Apple iWork exports (Pages, Numbers, Keynote) on macOS and iOS prior to the patched versions. Root cause: iWork exported PDFs used weak 40-bit RC4 encryption, enabling exposure of password-protected PDF contents. Affected versions include Pages 6.0/6.1, Numbers 4.0...
CVE-2015-3784
CVE-2015-3784 affects Apple’s Office Viewer in iOS versions before 8.4.1 and OS X versions before 10.10.5. The issue arises from an XML External Entity (XXE) vulnerability where an external entity declaration, combined with an entity reference, enables a remote attacker to read arbitrary files vi...
CVE-2015-7032
CVE-2015-7032 affects Apple iWork suite: Keynote <6.6, Pages <5.6, Numbers <3.6, and iWork for iOS
CVE-2015-7033
CVE-2015-7033 affects Apple iWork suite: Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6. Root cause is memory corruption due to parsing a maliciously crafted document, enabling remote arbitrary code execution or application crash. Apple’s advisory notes updates addressing the issue; r...