CVE-2009-0960
- EPSS 1.89%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:12
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an...
- EPSS 6.38%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:12
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user ...
CVE-2009-1679
- EPSS 0.36%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:48
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows ...
CVE-2009-1680
- EPSS 0.38%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:48
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search h...
CVE-2009-1683
- EPSS 2.8%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:48
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related...
CVE-2009-1692
- EPSS 4.24%
- Veröffentlicht 19.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:50
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page conta...
CVE-2009-1698
- EPSS 8.46%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:07:51
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which a...
CVE-2009-1699
- EPSS 29.1%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:07:51
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files ...
CVE-2009-1700
- EPSS 2.62%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:07:51
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages v...
CVE-2009-1701
- EPSS 7.75%
- Veröffentlicht 10.06.2009 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:07:51
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of...