Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
There are 2,482 matching records.
Displaying matches 2,221 through 2,240.
Vuln ID Summary CVSS Severity
CVE-2012-3724

CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL.

Published: September 20, 2012; 5:55:03 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-3722

The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

Published: September 20, 2012; 5:55:03 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3701

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:20 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3687

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:20 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3632

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3621

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3607

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3606

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

Published: August 31, 2012; 3:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

Published: August 31, 2012; 3:55:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-2857

Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2824

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting.

Published: June 27, 2012; 6:18:39 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-2807

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 27, 2012; 6:18:38 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3102

Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

Published: May 15, 2012; 8:55:03 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0674

Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a crafted web site.

Published: May 08, 2012; 6:25:47 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-0672

WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Published: May 08, 2012; 6:25:46 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-1521

Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: May 01, 2012; 6:12:04 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3081

Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.

Published: May 01, 2012; 6:12:04 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2011-3078

Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.

Published: May 01, 2012; 6:12:04 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3076

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.

Published: April 05, 2012; 6:02:08 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM