Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:iphone_os:6.0.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-2619 |
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element. Published: November 14, 2012; 7:30:58 AM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-2889 |
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)." Published: September 26, 2012; 6:56:04 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-3701 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:20 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3687 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:20 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3632 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3621 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3607 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3606 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-2871 |
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. Published: August 31, 2012; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-2870 |
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. Published: August 31, 2012; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-2857 |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Published: August 06, 2012; 11:55:01 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-2824 |
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. Published: June 27, 2012; 6:18:39 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2012-2807 |
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Published: June 27, 2012; 6:18:38 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2011-3102 |
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Published: May 15, 2012; 8:55:03 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |