Pod2G

#8166of 53,622
33.6Total CVSS
Vulnerabilities · 5
Medium
3
High
2
PT-2012-4983
5.0
2012-09-20
Apple · Ios · CVE-2012-3743
**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6 **Description** The issue concerns the System Logs implementation, which does not properly restrict access to /var/log by sandboxed apps. This allows remote attackers to obtain sensitive information by creating a crafted app that reads log files. **Recommendations** For versions prior to 6, update to a version 6 or later to resolve the issue.
PT-2012-4984
5.0
2012-09-20
Apple · Ios · CVE-2012-3744
**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6 **Description** The issue allows remote attackers to spoof text communication by using an SMS message's return address as the displayed sender address, even if the return address does not match the originating address. **Recommendations** For Apple iOS versions prior to 6, update to version 6 or later to resolve the issue.
PT-2012-4985
5.0
2012-09-20
Apple · Ios · CVE-2012-3745
**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6 **Description** The issue is caused by an off-by-one error in the Telephony component, allowing remote attackers to cause a denial of service, resulting in a buffer overflow and connectivity outage. This can be achieved via a crafted user-data header in an SMS message. **Recommendations** For versions prior to 6, update to version 6 or later to resolve the issue.
PT-2012-2750
9.3
2012-03-08
Apple · Ios · CVE-2012-0642
**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 5.1 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in a device crash. This is achieved by using a crafted catalog file in an HFS disk image, which exploits an integer underflow. **Recommendations** For versions prior to 5.1, update to version 5.1 or later to resolve the issue.
PT-2012-2754
9.3
2012-03-08
Apple · Ios · CVE-2012-0646
**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 5.1 **Description** A format string issue in the VPN component of Apple iOS allows remote attackers to execute arbitrary code via a crafted racoon configuration file. **Recommendations** For Apple iOS versions prior to 5.1, update to version 5.1 or later to resolve the issue.