|
3351
|
-
6.8
|
MEDIUM
|
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-125
Out-of-bounds Read
|
CVE-2011-3060
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
6.0
|
2024-11-21 10:29
2012-03-31
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3352
|
-
6.8
|
MEDIUM
|
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-125
Out-of-bounds Read
|
CVE-2011-3059
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
6.0
|
2024-11-21 10:29
2012-03-31
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3353
|
-
4.3
|
MEDIUM
|
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3058
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
6.0.1
|
2024-11-21 10:29
2012-03-31
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3354
|
-
6.8
|
MEDIUM
|
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
|
CWE-346
Origin Validation Error
|
CVE-2011-3056
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1.1
|
2024-11-21 10:29
2012-03-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3355
|
-
6.8
|
MEDIUM
|
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
|
CWE-416
Use After Free
|
CVE-2011-3053
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
6.0
|
2024-11-21 10:29
2012-03-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3356
|
-
6.8
|
MEDIUM
|
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified o…
|
CWE-416
Use After Free
|
CVE-2011-3050
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
6.0
|
2024-11-21 10:29
2012-03-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3357
|
-
10.0
|
HIGH
|
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)"…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3046
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1.1
|
2024-11-21 10:29
2012-03-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3358
|
-
9.3
|
HIGH
|
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-0646
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1
|
2024-11-21 10:35
2012-03-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3359
|
-
1.2
|
LOW
|
Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0645
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1
|
2024-11-21 10:35
2012-03-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3360
|
-
6.9
|
MEDIUM
|
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
|
CWE-362
Race Condition
|
CVE-2012-0644
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1
|
2024-11-21 10:35
2012-03-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|