Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3370 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-09-18 | CVE-2014-4379 | An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4378 | CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4377 | Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4375 | Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports. | Iphone_os, Mac_os_x, Tvos | 7.8 | ||
| 2014-09-18 | CVE-2014-4374 | NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | Iphone_os, Mac_os_x | N/A | ||
| 2014-09-18 | CVE-2014-4373 | The IntelAccelerator driver in the IOAcceleratorFamily subsystem in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted application. | Iphone_os, Mac_os_x, Tvos | 5.5 | ||
| 2014-09-18 | CVE-2014-4372 | syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. | Iphone_os, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4369 | The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments. | Iphone_os, Tvos | N/A | ||
| 2014-09-18 | CVE-2014-4368 | The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events. | Iphone_os | N/A | ||
| 2014-09-18 | CVE-2014-4367 | Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number. | Iphone_os | N/A |