U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
  • CPE Name Search: true
There are 2,712 matching records.
Displaying matches 2,641 through 2,660.
Vuln ID Summary CVSS Severity
CVE-2011-1117

Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."

Published: March 01, 2011; 6:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1115

Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: March 01, 2011; 6:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1114

Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

Published: March 01, 2011; 6:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1109

Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: March 01, 2011; 6:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1107

Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors.

Published: March 01, 2011; 6:00:03 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2011-0983

Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0981

Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-4494

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Published: December 07, 2010; 4:00:09 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-3832

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.

Published: November 26, 2010; 3:00:03 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-3831

Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action.

Published: November 26, 2010; 3:00:03 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-3830

Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.

Published: November 26, 2010; 3:00:03 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2010-3829

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813.

Published: November 26, 2010; 3:00:03 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2010-3828

iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad.

Published: November 26, 2010; 3:00:03 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-3827

Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.

Published: November 26, 2010; 3:00:02 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

Published: November 16, 2010; 8:00:02 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1817

Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Published: September 09, 2010; 6:00:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1815

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.

Published: September 09, 2010; 6:00:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1814

WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

Published: September 09, 2010; 6:00:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1813

WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.

Published: September 09, 2010; 6:00:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1812

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

Published: September 09, 2010; 6:00:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM