|
3511
|
-
5.0
|
MEDIUM
|
The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, w…
|
CWE-200
Information Exposure
|
CVE-2011-1418
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:26
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3512
|
-
4.3
|
MEDIUM
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavaila…
|
CWE-20
Improper Input Validation
|
CVE-2011-0163
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3513
|
-
7.8
|
HIGH
|
Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2011-0162
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3514
|
-
4.3
|
MEDIUM
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading …
|
CWE-264 CWE-20
Permissions, Privileges, and Access Controls Improper Input Validation
|
CVE-2011-0161
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3515
|
-
5.0
|
MEDIUM
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture cred…
|
CWE-20
Improper Input Validation
|
CVE-2011-0160
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3516
|
-
5.0
|
MEDIUM
|
The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote…
|
CWE-20
Improper Input Validation
|
CVE-2011-0159
|
cpe:2.3:o:apple:iphone_os:4.2:* cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:*
|
|
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3517
|
-
4.3
|
MEDIUM
|
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through URL handlers, which allows remote attackers to cause a denial of service (persistent application crash) …
|
CWE-20
Improper Input Validation
|
CVE-2011-0158
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3518
|
-
7.5
|
HIGH
|
WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0157
|
cpe:2.3:o:apple:iphone_os:4.1:* cpe:2.3:o:apple:iphone_os:4.0:* cpe:2.3:o:apple:iphone_os:4.0.2:* cpe:2.3:o:ap…
|
|
4.2
|
|
|
2024-11-21 10:23
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3519
|
-
6.8
|
MEDIUM
|
Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a …
|
CWE-189
Numeric Errors
|
CVE-2011-1417
|
cpe:2.3:o:apple:iphone_os:4.3.1:* cpe:2.3:o:apple:iphone_os:4.3.0:* cpe:2.3:o:apple:iphone_os:4.2:* cpe:2.3:o:…
|
|
4.2.5
|
|
|
2024-11-21 10:26
2011-03-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3520
|
-
6.8
|
MEDIUM
|
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a…
|
CWE-20
Improper Input Validation
|
CVE-2011-1204
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.0
|
2024-11-21 10:25
2011-03-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|