Product:

Iphone_os

(Apple)
Date Id Summary Products Score Patch Annotated
2009-08-12 CVE-2009-2199 Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs. Iphone_os, Safari N/A
2009-09-10 CVE-2009-2206 Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. Iphone_os, Ipod_touch N/A
2010-06-18 CVE-2010-1387 Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. Iphone_os, Itunes N/A
2010-06-22 CVE-2010-1407 WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document. Iphone_os N/A
2010-06-22 CVE-2010-1751 Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. Iphone_os N/A
2010-06-22 CVE-2010-1752 Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. Iphone_os N/A
2010-06-22 CVE-2010-1753 ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. Iphone_os N/A
2010-06-22 CVE-2010-1754 Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. Iphone_os N/A
2010-06-22 CVE-2010-1755 Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. Iphone_os N/A
2010-06-22 CVE-2010-1756 The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. Iphone_os N/A