|
299171
|
- |
|
apple
|
iphone_os
|
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial …
|
CWE-94
Code Injection
|
CVE-2011-3256
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299172
|
- |
|
apple
|
iphone_os
|
CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.
|
CWE-255
Credentials Management
|
CVE-2011-3255
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299173
|
- |
|
apple
|
iphone_os
|
Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3254
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299174
|
- |
|
apple
|
iphone_os
|
CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrar…
|
CWE-200
Information Exposure
|
CVE-2011-3253
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299175
|
- |
|
apple
|
mac_os_x_server
mac_os_x
iphone_os
|
CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies …
|
CWE-200
Information Exposure
|
CVE-2011-3246
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299176
|
- |
|
apple
|
iphone_os
|
The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitiv…
|
CWE-255
Credentials Management
|
CVE-2011-3245
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299177
|
- |
|
apple
|
iphone_os
safari
|
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactiv…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3243
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299178
|
- |
|
apple
|
safari
|
The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize the Always value of the Block Cookies setting, which makes it easier for remote web servers to track …
|
CWE-200
Information Exposure
|
CVE-2011-3242
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299179
|
- |
|
apple
|
safari
|
The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbit…
|
CWE-94
Code Injection
|
CVE-2011-3231
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299180
|
- |
|
apple
|
safari
|
Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3230
|
2024-11-21 10:30 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
