Apple

iPhone OS

4053 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.14%
  • Veröffentlicht 22.03.2012 16:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:31

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-lette...

  • EPSS 1.75%
  • Veröffentlicht 22.03.2012 16:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:31

Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

  • EPSS 1.33%
  • Veröffentlicht 22.03.2012 16:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:31

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

Medienbericht
  • EPSS 4.87%
  • Veröffentlicht 09.03.2012 00:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:30

The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.

  • EPSS 2.32%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:37:59

CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.

  • EPSS 4.52%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:37:59

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.

  • EPSS 4.93%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:37:59

The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.

  • EPSS 0.28%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:37:59

Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.

  • EPSS 0.35%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:38:00

Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary reci...

  • EPSS 4.89%
  • Veröffentlicht 08.03.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:38:00

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.