|
290181
|
- |
|
apple
|
iphone_os
|
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5154
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290182
|
- |
|
apple
|
iphone_os
|
Springboard in Apple iOS before 7 does not properly manage the lock state in Lost Mode, which allows physically proximate attackers to read notifications via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5153
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290183
|
- |
|
apple
|
iphone_os
|
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2013-5152
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290184
|
- |
|
apple
|
iphone_os
|
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5151
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290185
|
- |
|
apple
|
iphone_os
|
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by lev…
|
CWE-200
Information Exposure
|
CVE-2013-5150
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290186
|
- |
|
apple
|
iphone_os
|
The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that emp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5149
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290187
|
- |
|
apple
|
iphone_os
|
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition invo…
|
CWE-362
Race Condition
|
CVE-2013-5147
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290188
|
- |
|
apple
|
iphone_os
|
kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5145
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290189
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2…
|
CWE-200
Information Exposure
|
CVE-2013-5142
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290190
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted applicat…
|
CWE-189
Numeric Errors
|
CVE-2013-5141
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
