|
270351
|
- |
|
apple
|
watchos
mac_os_x
iphone_os
|
dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file.
|
CWE-254
7PK - Security Features
|
CVE-2015-5839
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270352
|
- |
|
apple
|
iphone_os
|
SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which allows attackers to spoof the dialog windows of an arbitrary app via a crafted app.
|
CWE-284
Improper Access Control
|
CVE-2015-5838
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270353
|
- |
|
apple
|
watchos
iphone_os
|
PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and install arbitrary extensions via a crafted enterprise app.
|
CWE-20
Improper Input Validation
|
CVE-2015-5837
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270354
|
- |
|
apple
|
iphone_os
|
Apple iOS before 9 allows attackers to obtain sensitive information about inter-app communication via a crafted app that conducts an interception attack involving an unspecified URL scheme.
|
CWE-200
Information Exposure
|
CVE-2015-5835
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270355
|
- |
|
apple
|
iphone_os
watchos
|
IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-5834
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270356
|
- |
|
apple
|
iphone_os
|
The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from the keychain upon a signout action, which might allow physically proximate attackers to obtain sensi…
|
CWE-200
Information Exposure
|
CVE-2015-5832
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270357
|
- |
|
apple
|
mac_os_x
iphone_os
|
NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, which allows attackers to obtain sensitive memory-layout information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-5831
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270358
|
- |
|
apple
|
iphone_os
watchos
|
Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5829
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270359
|
- |
|
apple
|
safari
iphone_os
|
WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state even…
|
CWE-200
Information Exposure
|
CVE-2015-5827
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270360
|
- |
|
apple
|
safari
iphone_os
|
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass…
|
CWE-284
Improper Access Control
|
CVE-2015-5826
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
