|
3471
|
-
4.3
|
MEDIUM
|
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial …
|
CWE-94
Code Injection
|
CVE-2011-3256
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3472
|
-
4.3
|
MEDIUM
|
CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.
|
CWE-255
Credentials Management
|
CVE-2011-3255
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3473
|
-
4.3
|
MEDIUM
|
Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3254
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3474
|
-
2.6
|
LOW
|
CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrar…
|
CWE-200
Information Exposure
|
CVE-2011-3253
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3475
|
-
5.0
|
MEDIUM
|
CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies …
|
CWE-200
Information Exposure
|
CVE-2011-3246
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3476
|
-
2.1
|
LOW
|
The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitiv…
|
CWE-255
Credentials Management
|
CVE-2011-3245
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3477
|
-
4.3
|
MEDIUM
|
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactiv…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3243
|
cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:- cpe:2.3:o:apple:iphone_os:4.3.5:* cpe:2.3:…
|
|
|
|
|
2024-11-21 10:30
2011-10-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3478
|
-
6.8
|
MEDIUM
|
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead…
|
NVD-CWE-Other
|
CVE-2011-2877
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1
|
2024-11-21 10:29
2011-10-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3479
|
-
5.0
|
MEDIUM
|
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-125
Out-of-bounds Read
|
CVE-2011-3234
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.0
|
2024-11-21 10:30
2011-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3480
|
-
7.5
|
HIGH
|
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
|
CWE-416
Use After Free
|
CVE-2011-2860
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
5.1
|
2024-11-21 10:29
2011-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|