|
291091
|
- |
|
apple
|
iphone_os
|
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5151
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291092
|
- |
|
apple
|
iphone_os
|
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by lev…
|
CWE-200
Information Exposure
|
CVE-2013-5150
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291093
|
- |
|
apple
|
iphone_os
|
The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that emp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5149
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291094
|
- |
|
apple
|
iphone_os
|
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition invo…
|
CWE-362
Race Condition
|
CVE-2013-5147
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291095
|
- |
|
apple
|
iphone_os
|
kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5145
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291096
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2…
|
CWE-200
Information Exposure
|
CVE-2013-5142
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291097
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted applicat…
|
CWE-189
Numeric Errors
|
CVE-2013-5141
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291098
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment.
|
CWE-20
Improper Input Validation
|
CVE-2013-5140
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291099
|
- |
|
apple
|
iphone_os
|
The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds array access) via a crafted application.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5139
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291100
|
- |
|
apple
|
iphone_os
|
IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application.
|
NVD-CWE-Other
|
CVE-2013-5138
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
