Filtered by vendor Apple
Subscriptions
Filtered by product Ipod Touch
Subscriptions
Total
58 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-1683 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-09-17 | N/A |
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue." | ||||
CVE-2010-1756 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-09-17 | N/A |
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. | ||||
CVE-2010-1181 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-09-17 | N/A |
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. | ||||
CVE-2012-2648 | 2 Apple, Goodiware | 4 Ipad, Iphone Os, Ipod Touch and 1 more | 2024-09-16 | N/A |
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser. | ||||
CVE-2007-5858 | 1 Apple | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2024-08-07 | N/A |
WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information. | ||||
CVE-2007-5450 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2024-08-07 | N/A |
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file. | ||||
CVE-2008-4233 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2024-08-07 | N/A |
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. | ||||
CVE-2008-4232 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2024-08-07 | N/A |
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. | ||||
CVE-2008-4231 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2024-08-07 | N/A |
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
CVE-2008-4228 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-08-07 | N/A |
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. | ||||
CVE-2008-4230 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-08-07 | N/A |
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593. | ||||
CVE-2008-4229 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-08-07 | N/A |
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. | ||||
CVE-2008-4227 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-08-07 | N/A |
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. | ||||
CVE-2008-3950 | 1 Apple | 3 Iphone, Ipod Touch, Safari | 2024-08-07 | N/A |
Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read. | ||||
CVE-2008-3632 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2024-08-07 | N/A |
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements. | ||||
CVE-2008-3631 | 1 Apple | 1 Ipod Touch | 2024-08-07 | N/A |
Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application. | ||||
CVE-2008-2317 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2024-08-07 | N/A |
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590. | ||||
CVE-2008-2303 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2024-08-07 | N/A |
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-of-bounds access, a different vulnerability than CVE-2008-2307. | ||||
CVE-2008-1588 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2024-08-07 | N/A |
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL. | ||||
CVE-2008-1589 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2024-08-07 | N/A |
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites. |