|
294591
|
- |
|
apple
|
itunes
|
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1035
|
2024-11-21 10:48 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294592
|
- |
|
apple
|
os_x_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Wiki Server in Apple Mac OS X Server before 2.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1034
|
2024-11-21 10:48 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294593
|
- |
|
apple
|
iphone_os
|
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0957
|
2024-11-21 10:48 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294594
|
- |
|
apple
|
mac_os_x
|
Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1033
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294595
|
- |
|
apple
|
mac_os_x
quicktime
|
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1032
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294596
|
- |
|
apple
|
mac_os_x
|
Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1031
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294597
|
- |
|
apple
|
mac_os_x
|
mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process.
|
CWE-200
Information Exposure
|
CVE-2013-1030
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294598
|
- |
|
apple
|
mac_os_x
|
The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser.
|
CWE-20
Improper Input Validation
|
CVE-2013-1029
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294599
|
- |
|
apple
|
iphone_os
mac_os_x
|
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof securi…
|
CWE-20
Improper Input Validation
|
CVE-2013-1028
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294600
|
- |
|
apple
|
mac_os_x
|
Installer in Apple Mac OS X before 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote attackers to execute…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1027
|
2024-11-21 10:48 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
