Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:iphone_os:1.1.0:-:iphone
There are 2,307 matching records.
Displaying matches 2,081 through 2,100.
Vuln ID Summary CVSS Severity
CVE-2011-3069

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3068

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3067

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3064

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-3060

Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3059

Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3058

Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2011-3056

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3053

Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3050

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3046

The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.

Published: March 08, 2012; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0646

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-0645

Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2012-0644

Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2012-0643

The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-0642

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-0641

CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.

Published: March 08, 2012; 5:55:04 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0635

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-0633

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-0632

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH