Product:

Iphone_os

(Apple)
Date Id Summary Products Score Patch Annotated
2020-12-08 CVE-2020-10010 A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges. Ipados, Iphone_os, Mac_os_x, Tvos, Watchos 7.8
2007-06-25 CVE-2007-2400 Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects. Iphone_os, Safari N/A
2007-09-27 CVE-2007-3755 Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number. Iphone, Iphone_os N/A
2007-09-27 CVE-2007-3754 Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack. Iphone, Iphone_os N/A
2007-09-27 CVE-2007-3753 Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service (application termination) and execute arbitrary code via crafted Service Discovery Protocol (SDP) packets, related to insufficient input validation. Iphone, Iphone_os N/A
2008-01-16 CVE-2008-0034 Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls. Iphone, Iphone_os N/A
2008-09-11 CVE-2008-3632 Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements. Iphone, Iphone_os, Ipod_touch N/A
2008-11-25 CVE-2008-1586 ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. Iphone_os N/A
2008-11-25 CVE-2008-4227 Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. Iphone_os N/A
2008-11-25 CVE-2008-4228 The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. Iphone_os N/A