Apple

iPhone OS

3820 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2010-2805

Exploit
  • EPSS 5.63%
  • Veröffentlicht 19.08.2010 18:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ...

9.3

CVE-2010-1797

Exploit
  • EPSS 48.44%
  • Veröffentlicht 16.08.2010 18:39:40
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 o...

6.9

CVE-2010-2973

Exploit
  • EPSS 0.14%
  • Veröffentlicht 05.08.2010 18:17:58
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.

9.8

CVE-2010-1205

Exploit
  • EPSS 16.78%
  • Veröffentlicht 30.06.2010 18:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

6.5

CVE-2010-2249

  • EPSS 1.57%
  • Veröffentlicht 30.06.2010 18:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

4.3

CVE-2010-1407

  • EPSS 0.73%
  • Veröffentlicht 22.06.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML do...

5

CVE-2010-1751

  • EPSS 0.48%
  • Veröffentlicht 22.06.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.

6.8

CVE-2010-1752

  • EPSS 3.3%
  • Veröffentlicht 22.06.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.

6.8

CVE-2010-1753

  • EPSS 1.51%
  • Veröffentlicht 22.06.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.

6.9

CVE-2010-1754

  • EPSS 0.07%
  • Veröffentlicht 22.06.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passc...