Mandriva Linux Security Advisory 2010-027 - KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \\'\\0\\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer. WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption. The updated packages have been patched to correct these issues.
701ad2e7099f449e19e82471a31b95691ff8ff843d3d5029da766636d5585359
Apple Iphone/Ipod Udisk FTP Basic Edition version 1.0 suffers from a remote pre-authentication denial of service vulnerability. Proof of concept included.
61c9187af88986c047247c30f3fd179106e0f4b73a5dbf9537e545fd559de528
Facebook for iPhone suffers from a persistent cross site scripting vulnerability that causes a denial of service condition.
9302308e10b7eeebbbff58f888847e6b6da5e6f194517d182fc596d22004a044
Secunia Security Advisory - A vulnerability has been reported in Citrix XenApp Online Plug-in and Citrix Receiver for iPhone, which can be exploited by malicious people to conduct spoofing attacks.
05faa43f317f0fb023350eb0d6a0f739b56ec0fc41c22bc8354151fa450ea86e
The standard e-mail application that comes with the iPod and iPhone suffers from a man in the middle vulnerability due to not validating SSL certificates.
bac88e063695c7f4ceb162add1f4a3f7f90de5e74efea5e40f7b28a7f59a10f9
The iPhone OS AudioCodecs library contains a heap buffer overflow vulnerability while parsing maliciously crafted AAC or MP3 files. The vulnerability may be exploited by an attacker to execute arbitrary code in the context of an application using the vulnerable library. One attack vector are iPhone ringtones with malformed sample size table entries. It was successfully tested that iTunes uploads such malformed ringtones to the phone.
f5526418de98c9657cbd763047a324da3b927f706fa76dd4b3293e0a4a6b43d0
Apple Safari on iPhone remote crash exploit.
fb2b42363d6b75defd7ed00ce5558c9b250b67b7655304ea472eae317a2e1562
Secunia Security Advisory - Some vulnerabilities, security issues, and weaknesses have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people with physical access to the device to bypass certain security restrictions or disclose sensitive information, and by malicious people to disclose sensitive information, conduct cross-site scripting and spoofing attacks, cause a DoS (Denial of Service), or to compromise a user's system.
2296538820da106f4e878d74a161d2b8dc2180eb9d9069a8e6a9bf78b90b76e1
Apple iPhone versions 2.2.1 / 3.x crash and reboot exploit.
6d1590dccb6502a5207ea1b3433631aad296f463895896e51160cd42e693be96
Secunia Security Advisory - A vulnerability has been reported in Apple iPhone, which can be exploited by malicious people to compromise a user's system.
b92c3c859c87050a6ae8ea54525b682b4d02c9e2d55d2c6cb2d4a89656ff8ca7
Calling the CSS attr() attribute with a large number leads to memory corruption, heap spraying allows execution of code. Arbitrary remote code execution can be achieved by creating a special website and enticing the victim into visiting that site. iPhone OS versions 1.x through 2.2.1 and iPhone OS for iPod Touch versions 1.x through 2.2.1 are affected.
133f492014f2bfbfa80c0caa0d28b13729b130a662880909a1e4dec7f7c492d9
ECMAScript in IE5, IE6, IE7, IE8, Netscape, Firefox, Safari, Opera, Konqueror, Seamonkey, Wii, PS3, iPhone, iPod, Nokia, Siemens and various other browsers allows for a denial of service condition.
0565fa347a433f911f7bc37200f43fcc3f38e665338086d0cdaaf81a0163b693
Safari on the Apple iPhone suffers from a vulnerability that allows an attacker to auto-dial a number.
750d96b2e5b025f4f460cec5ea7897e6f417588a419c661fea5d7b95be167b5c
Secunia Security Advisory - Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, or compromise a user's system.
79a50c234995e4d20d01755bd75c0b07e4f8d17fe83afc1b3e0335e321bf064e
Whitepaper called Defeating the iPhone Passcode.
4057ba42acd5baab592ee9f0a9a299e6dee396369e8d1034ae8a86a9271d0b89
Secunia Security Advisory - A vulnerability has been discovered in iPhone Configuration Web Utility for Windows, which can be exploited by malicious people to disclose sensitive information.
43217d3cc624374d5708d3aa6bd922c35c9307a5478bf87e28b7dc4805efb5ab
The iPhone Configuration Web Utility 1.0 for Windows web interface is vulnerable to a common web directory traversal attack. Successful exploitation will result in arbitrary read-onlyfile access outside of the iPhone Configuration Web Utility 1.0 web root.
7ce5fcd314e35e70c977c9545e1d933f9a4885f0dd88693baff62488638736c9
Secunia Security Advisory - Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system.
88c5064fadc55a6865c14f82be8c894fafad40ffebb9c81324b415fb51bee430
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iPhone, which can be exploited by malicious applications to bypass certain security features, and by malicious people to poison the DNS cache, spoof TCP connections, or potentially compromise a user's device.
7291003599819241f92168ea6ebca0b5d7b230d9f07eb5f1e017239d7272664a
Core Security Technologies Advisory - A vulnerability has been found on the 'WebKit' library used by Safari inside iPhone. By inserting a special string on the 'alert()' JavaScript method, it's possible to crash Safari via an outbound memory read triggering an access violation.
8a0bac7a699469d747fd1add18ee852e92af84a1b7d2add6bf85bab412a08ba0
Secunia Security Advisory - Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, cause a DoS (Denial of Service), bypass certain security restrictions, or compromise a user's system.
00ec30ca8e3c447de57a1d6e885ed261a186761cad600534c9dd89f8540bd2d7
The iPhoneDbg Toolkit is a set of tools that will enable you to delve into iPhone binary reversing. The iPhone Debugger allows you to debug running or newly-created native processes inside iPhone. The Library Loader Patcher will allow to debug iPhone libraries. You can also build a tunnel from your PC to your iPhone through USB.
0ea5823207e04dbd5830b75e63089a1538555633f849c44b20a82e8b3108af90
Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.
bcf3762c17722ccbd9badf01735132e76fff0d22715bdb3bc81c0734638e143f
Apple iPhone version 1.1.2 remote denial of service exploit that makes use of Safari.
17140e6c36e864614e1b0e826b1502ce79daef78f7a984b8311fb4fa3f9b5010
Secunia Security Advisory - Two vulnerabilities and a security issue have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or to compromise a vulnerable device.
a8a7b8b11137622729dd9f11f609d3dcc774b801c78c462438def3ea901e451d