exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 108 RSS Feed

Operating System: iPhone

Mandriva Linux Security Advisory 2010-027
Posted Jan 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-027 - KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \\'\\0\\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer. WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, spoof, javascript
systems | linux, netbsd, windows, freebsd, openbsd, apple, osx, mandriva, iphone
advisories | CVE-2009-2702, CVE-2009-1687, CVE-2009-1725, CVE-2009-1690, CVE-2009-1698, CVE-2009-2537, CVE-2009-0689, CVE-2009-0945
SHA-256 | 701ad2e7099f449e19e82471a31b95691ff8ff843d3d5029da766636d5585359
Apple Iphone/Ipod Denial Of Service
Posted Jan 12, 2010
Authored by mr_me

Apple Iphone/Ipod Udisk FTP Basic Edition version 1.0 suffers from a remote pre-authentication denial of service vulnerability. Proof of concept included.

tags | exploit, remote, denial of service, proof of concept
systems | apple, iphone
SHA-256 | 61c9187af88986c047247c30f3fd179106e0f4b73a5dbf9537e545fd559de528
Facebook For iPhone Cross Site Scripting
Posted Jan 4, 2010
Authored by Marco_

Facebook for iPhone suffers from a persistent cross site scripting vulnerability that causes a denial of service condition.

tags | exploit, denial of service, xss
systems | apple, iphone
SHA-256 | 9302308e10b7eeebbbff58f888847e6b6da5e6f194517d182fc596d22004a044
Secunia Security Advisory 37319
Posted Nov 16, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Citrix XenApp Online Plug-in and Citrix Receiver for iPhone, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | apple, iphone
SHA-256 | 05faa43f317f0fb023350eb0d6a0f739b56ec0fc41c22bc8354151fa450ea86e
iPod/iPhone E-Mail Man In The Middle
Posted Sep 19, 2009
Authored by William Borskey

The standard e-mail application that comes with the iPod and iPhone suffers from a man in the middle vulnerability due to not validating SSL certificates.

tags | advisory
systems | apple, iphone
SHA-256 | bac88e063695c7f4ceb162add1f4a3f7f90de5e74efea5e40f7b28a7f59a10f9
Apple iPhone OS AudioCodecs Heap Buffer Overflow
Posted Sep 15, 2009
Authored by Tobias Klein | Site trapkit.de

The iPhone OS AudioCodecs library contains a heap buffer overflow vulnerability while parsing maliciously crafted AAC or MP3 files. The vulnerability may be exploited by an attacker to execute arbitrary code in the context of an application using the vulnerable library. One attack vector are iPhone ringtones with malformed sample size table entries. It was successfully tested that iTunes uploads such malformed ringtones to the phone.

tags | advisory, overflow, arbitrary
systems | apple, iphone
advisories | CVE-2009-2206
SHA-256 | f5526418de98c9657cbd763047a324da3b927f706fa76dd4b3293e0a4a6b43d0
iPhone Safari Crash Exploit
Posted Sep 15, 2009
Authored by cloud

Apple Safari on iPhone remote crash exploit.

tags | exploit, remote
systems | apple, iphone
SHA-256 | fb2b42363d6b75defd7ed00ce5558c9b250b67b7655304ea472eae317a2e1562
Secunia Security Advisory 36677
Posted Sep 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities, security issues, and weaknesses have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people with physical access to the device to bypass certain security restrictions or disclose sensitive information, and by malicious people to disclose sensitive information, conduct cross-site scripting and spoofing attacks, cause a DoS (Denial of Service), or to compromise a user's system.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | apple, iphone
SHA-256 | 2296538820da106f4e878d74a161d2b8dc2180eb9d9069a8e6a9bf78b90b76e1
Apple iPhone 2.2.1 / 3.x Crash And Reboot
Posted Sep 1, 2009
Authored by TheLeader

Apple iPhone versions 2.2.1 / 3.x crash and reboot exploit.

tags | exploit
systems | apple, iphone
SHA-256 | 6d1590dccb6502a5207ea1b3433631aad296f463895896e51160cd42e693be96
Secunia Security Advisory 36070
Posted Aug 4, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apple iPhone, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | apple, iphone
SHA-256 | b92c3c859c87050a6ae8ea54525b682b4d02c9e2d55d2c6cb2d4a89656ff8ca7
iPhone / iTouch Code Execution
Posted Jul 23, 2009
Authored by Thierry Zoller

Calling the CSS attr() attribute with a large number leads to memory corruption, heap spraying allows execution of code. Arbitrary remote code execution can be achieved by creating a special website and enticing the victim into visiting that site. iPhone OS versions 1.x through 2.2.1 and iPhone OS for iPod Touch versions 1.x through 2.2.1 are affected.

tags | advisory, remote, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2009-1698
SHA-256 | 133f492014f2bfbfa80c0caa0d28b13729b130a662880909a1e4dec7f7c492d9
ECMAScript Denial Of Service
Posted Jul 17, 2009
Authored by Thierry Zoller

ECMAScript in IE5, IE6, IE7, IE8, Netscape, Firefox, Safari, Opera, Konqueror, Seamonkey, Wii, PS3, iPhone, iPod, Nokia, Siemens and various other browsers allows for a denial of service condition.

tags | exploit, denial of service
systems | apple, iphone
advisories | CVE-2009-1692
SHA-256 | 0565fa347a433f911f7bc37200f43fcc3f38e665338086d0cdaaf81a0163b693
iPhone Safari Phone Auto Dial
Posted Jun 19, 2009
Authored by Collin Mulliner

Safari on the Apple iPhone suffers from a vulnerability that allows an attacker to auto-dial a number.

tags | exploit
systems | apple, iphone
SHA-256 | 750d96b2e5b025f4f460cec5ea7897e6f417588a419c661fea5d7b95be167b5c
Secunia Security Advisory 35449
Posted Jun 18, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, or compromise a user's system.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | apple, iphone
SHA-256 | 79a50c234995e4d20d01755bd75c0b07e4f8d17fe83afc1b3e0335e321bf064e
Defeating The iPhone Passcode
Posted Mar 3, 2009
Authored by Brad Antoniewicz

Whitepaper called Defeating the iPhone Passcode.

tags | telephony
systems | apple, iphone
SHA-256 | 4057ba42acd5baab592ee9f0a9a299e6dee396369e8d1034ae8a86a9271d0b89
Secunia Security Advisory 32852
Posted Nov 24, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in iPhone Configuration Web Utility for Windows, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, web
systems | windows, apple, iphone
SHA-256 | 43217d3cc624374d5708d3aa6bd922c35c9307a5478bf87e28b7dc4805efb5ab
Digital Defense VRT Advisory 2008.15
Posted Nov 21, 2008
Authored by Digital Defense, Corey LeBleu, r@b13$ | Site digitaldefense.net

The iPhone Configuration Web Utility 1.0 for Windows web interface is vulnerable to a common web directory traversal attack. Successful exploitation will result in arbitrary read-onlyfile access outside of the iPhone Configuration Web Utility 1.0 web root.

tags | advisory, web, arbitrary, root
systems | windows, apple, iphone
SHA-256 | 7ce5fcd314e35e70c977c9545e1d933f9a4885f0dd88693baff62488638736c9
Secunia Security Advisory 32756
Posted Nov 21, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system.

tags | advisory, denial of service, spoof, vulnerability
systems | apple, iphone
SHA-256 | 88c5064fadc55a6865c14f82be8c894fafad40ffebb9c81324b415fb51bee430
Secunia Security Advisory 31900
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iPhone, which can be exploited by malicious applications to bypass certain security features, and by malicious people to poison the DNS cache, spoof TCP connections, or potentially compromise a user's device.

tags | advisory, spoof, tcp, vulnerability
systems | apple, iphone
SHA-256 | 7291003599819241f92168ea6ebca0b5d7b230d9f07eb5f1e017239d7272664a
Core Security Technologies Advisory 2008.0603
Posted Sep 12, 2008
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability has been found on the 'WebKit' library used by Safari inside iPhone. By inserting a special string on the 'alert()' JavaScript method, it's possible to crash Safari via an outbound memory read triggering an access violation.

tags | advisory, javascript
systems | apple, iphone
advisories | CVE-2008-3950
SHA-256 | 8a0bac7a699469d747fd1add18ee852e92af84a1b7d2add6bf85bab412a08ba0
Secunia Security Advisory 31074
Posted Jul 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, cause a DoS (Denial of Service), bypass certain security restrictions, or compromise a user's system.

tags | advisory, denial of service, spoof, vulnerability, xss
systems | apple, iphone
SHA-256 | 00ec30ca8e3c447de57a1d6e885ed261a186761cad600534c9dd89f8540bd2d7
iphonedbg-toolkit-1.01.tgz
Posted Jun 17, 2008
Authored by Nicolas A. Economou | Site oss.coresecurity.com

The iPhoneDbg Toolkit is a set of tools that will enable you to delve into iPhone binary reversing. The iPhone Debugger allows you to debug running or newly-created native processes inside iPhone. The Library Loader Patcher will allow to debug iPhone libraries. You can also build a tunnel from your PC to your iPhone through USB.

tags | telephony
systems | apple, iphone
SHA-256 | 0ea5823207e04dbd5830b75e63089a1538555633f849c44b20a82e8b3108af90
safariphone-dos.txt
Posted Mar 17, 2008
Authored by Georgi Guninski

Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.

tags | exploit, remote, denial of service
systems | windows, apple, iphone
SHA-256 | bcf3762c17722ccbd9badf01735132e76fff0d22715bdb3bc81c0734638e143f
iphone-dos.txt
Posted Jan 25, 2008
Authored by c0ntex | Site open-security.org

Apple iPhone version 1.1.2 remote denial of service exploit that makes use of Safari.

tags | exploit, remote, denial of service
systems | apple, iphone
SHA-256 | 17140e6c36e864614e1b0e826b1502ce79daef78f7a984b8311fb4fa3f9b5010
Secunia Security Advisory 28497
Posted Jan 17, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities and a security issue have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or to compromise a vulnerable device.

tags | advisory, vulnerability, xss
systems | apple, iphone
SHA-256 | a8a7b8b11137622729dd9f11f609d3dcc774b801c78c462438def3ea901e451d
Page 4 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close