Apple

iPhone OS

4053 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.12%
  • Veröffentlicht 14.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-...

  • EPSS 2.12%
  • Veröffentlicht 14.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-...

  • EPSS 1.74%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.

  • EPSS 6.79%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL.

  • EPSS 1.12%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile af...

  • EPSS 1.25%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app.

  • EPSS 0.35%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink.

  • EPSS 1.13%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

dyld in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass code-signing requirements by leveraging use of text-relocation instructions in a dynamic library.

  • EPSS 0.36%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call.

Exploit
  • EPSS 5.72%
  • Veröffentlicht 22.02.2014 17:05:21
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x ...