|
2821
|
-
4.3
|
MEDIUM
|
The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted audio file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5862
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2822
|
-
2.1
|
LOW
|
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2015-5861
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2823
|
-
5.0
|
MEDIUM
|
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafte…
|
CWE-200
Information Exposure
|
CVE-2015-5860
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2824
|
-
5.0
|
MEDIUM
|
The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.
|
CWE-200
Information Exposure
|
CVE-2015-5858
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2825
|
-
5.0
|
MEDIUM
|
Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2015-5857
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2826
|
-
4.3
|
MEDIUM
|
The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL.
|
CWE-254
7PK - Security Features
|
CVE-2015-5856
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:34
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2827
|
-
4.3
|
MEDIUM
|
Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Center app.
|
CWE-200
Information Exposure
|
CVE-2015-5855
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:33
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2828
|
-
2.1
|
LOW
|
The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an enc…
|
CWE-200
Information Exposure
|
CVE-2015-5851
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:33
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2829
|
-
2.1
|
LOW
|
AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.
|
CWE-254
7PK - Security Features
|
CVE-2015-5850
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:33
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2830
|
-
7.2
|
HIGH
|
IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5848
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
8.4.1
|
|
|
2024-11-21 11:33
2015-09-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|