CVE-2012-3726
- EPSS 2.15%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
CVE-2012-3727
- EPSS 3.3%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
CVE-2012-3728
- EPSS 0.34%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls.
CVE-2012-3729
- EPSS 0.29%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program ...
CVE-2012-3730
- EPSS 1.73%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a differen...
CVE-2012-3731
- EPSS 0.33%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.
CVE-2012-3732
- EPSS 1.42%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, which allows remote attackers to spoof signed content via an e-mail message in which the From field does not match the signer's identity.
CVE-2012-3733
- EPSS 1.14%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Messages in Apple iOS before 6, when multiple iMessage e-mail addresses are configured, does not ensure that a reply's sender address matches the recipient address of the original message, which allows remote attackers to obtain potentially sensitive...
CVE-2012-3734
- EPSS 0.19%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:49
Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content.
CVE-2012-3735
- EPSS 0.33%
- Veröffentlicht 20.09.2012 21:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:50
The Passcode Lock implementation in Apple iOS before 6 does not properly interact with the "Slide to Power Off" feature, which allows physically proximate attackers to see the most recently used third-party app by watching the device's screen.