Apple

iPhone OS

3904 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-3725

  • EPSS 0.6%
  • Veröffentlicht 03.07.2015 02:00:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.

6.8

CVE-2015-3724

  • EPSS 1.18%
  • Veröffentlicht 03.07.2015 02:00:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.

6.8

CVE-2015-3723

  • EPSS 1.18%
  • Veröffentlicht 03.07.2015 02:00:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.

4.3

CVE-2015-3722

  • EPSS 0.6%
  • Veröffentlicht 03.07.2015 02:00:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.

4.3

CVE-2015-3721

  • EPSS 0.58%
  • Veröffentlicht 03.07.2015 02:00:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.

6.8

CVE-2015-3719

  • EPSS 1.4%
  • Veröffentlicht 03.07.2015 02:00:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.

7.5

CVE-2015-3717

  • EPSS 1.86%
  • Veröffentlicht 03.07.2015 02:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

4.3

CVE-2015-3710

  • EPSS 0.52%
  • Veröffentlicht 03.07.2015 02:00:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.

6.8

CVE-2015-3703

  • EPSS 1.91%
  • Veröffentlicht 03.07.2015 01:59:56
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.

6.8

CVE-2015-3694

  • EPSS 1.4%
  • Veröffentlicht 03.07.2015 01:59:48
  • Zuletzt bearbeitet 12.04.2025 10:46:40

FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.