| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site. |
| Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session. |
| Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log. |
| The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID information via a crafted app. |
| The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. |
| Apple iOS before 8 enables Voice Dial during all upgrade actions, which makes it easier for physically proximate attackers to launch unintended calls by speaking a telephone number. |
| syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to change the permissions of arbitrary files via a symlink attack on an unspecified file. |
| NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
| Integer overflow in CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. |
| CoreGraphics in Apple iOS before 8 and Apple TV before 7 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted PDF document. |
| An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application. |
| The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application. |
| Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application. |
| WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
| The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application. |
| The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. |
| Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses. |
| dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. |
| WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
| IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app. |
