CVE-2013-5140
- EPSS 0.66%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment.
CVE-2013-5141
- EPSS 0.5%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted application, related to an "integer truncation vulnerabilit...
CVE-2013-5142
- EPSS 0.06%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API.
CVE-2013-5145
- EPSS 0.05%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.
CVE-2013-5147
- EPSS 0.48%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card.
CVE-2013-5149
- EPSS 0.3%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration proce...
CVE-2013-5150
- EPSS 0.07%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation.
CVE-2013-5151
- EPSS 0.3%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attacks by uploading a file.
CVE-2013-5152
- EPSS 0.37%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site.
CVE-2013-5153
- EPSS 0.07%
- Published 19.09.2013 10:28:00
- Last modified 11.04.2025 00:51:21
Springboard in Apple iOS before 7 does not properly manage the lock state in Lost Mode, which allows physically proximate attackers to read notifications via unspecified vectors.