Vendor Dictionary: Apple Inc.

Apple Inc.

Short Name:	Apple
Previous Names:	Apple Computer, Inc.
URL:	http://www.apple.com/ [visit link]
Email:	[None Entered]
Security URL:	http://www.apple.com/support/security/ [visit link]
Security Email:	product-securityapple.com
Knowledge Base:	http://www.apple.com/support/ [visit link]
Notes:	PGP key is available at https://www.apple.com/support/security/pgp/

Vulnerabilities by Vendor Product

Apple Inc.

« Previous 1 2 3 4 5 6 7 8 Next »

Apple Inc.

Mac OS: 10.2.1; OSVDB ID: 7058 Apple Mac OS X CUPS Web Admin Utility DoS

iTouch: 1.1; 1.1.4

Mac OS 9: 9.0; OSVDB ID: 7033 Mac OS 9 Idle Lock Password Bypass; OSVDB ID: 7034 Mac OS 9 Idle Lock Debugger Password Bypass; OSVDB ID: 7038 Mac OS Runtime Java URLConnection Arbitrary Host Access; OSVDB ID: 1173 Mac OS 9 Open Transport Malformed ICMP Datagram Response DoS; 9.1; OSVDB ID: 12068 Mac OS 9 Personal Web Sharing Long HTTP Request Parsing Remote DoS

iTunes: 4.2.0.72; OSVDB ID: 5745 Apple QuickTime (QuickTime.qts) .mov File sample-to-chunk Table Data Handling Overflow; 4.6; OSVDB ID: 8223 Apple iTunes Visualiser Screen Lock Bypass; 4.7.0; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.6.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.5.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.4.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.3.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.2.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.1.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; 4.0.x; OSVDB ID: 12833 Apple iTunes m3u/pls Playlist Overflow; Unknown or Unspecified; OSVDB ID: 16243 Apple iTunes MPEG-4 File Parsing Overflow; 7.3.2; OSVDB ID: 38528 Apple iTunes MP4/AAC File covr atom Overflow; 6.0; OSVDB ID: 20066 Apple iTunes Shared Music Spoofed TTL List DoS; OSVDB ID: 26909 Apple iTunes AAC File Parsing Overflow; 8.1.1; OSVDB ID: 54833 Apple iTunes itms: URI Handling Overflow; 10.2.1; OSVDB ID: 71182 WebKit Style Element Handling Integer Overflow Code Execution; OSVDB ID: 72690 Webkit RenderLineBoxList::dirtyLinesFromChangedChild Use-after-free Arbitrary Code Execution; 10.2.1; 10.5; OSVDB ID: 76556 WebKit Custom Font Registration Handling Use-after-free Remote Code Execution; OSVDB ID: 79963 WebKit 'AbstractState::execute' Function Memory Corruption; OSVDB ID: 79962 WebKit Unspecified Memory Corruption (2012-0639); OSVDB ID: 79961 WebKit Unspecified Memory Corruption (2012-0638); OSVDB ID: 79960 WebKit Unspecified Memory Corruption (2012-0637); OSVDB ID: 79959 WebKit Unspecified Memory Corruption (2012-0636); OSVDB ID: 79958 WebKit Unspecified Memory Corruption (2012-0634); OSVDB ID: 79957 WebKit Custom Scrollbar Renderer Removed Use-after-free Issue; 10.5; 10.5; 10.5; 10.5; 10.5; 10.5; 10.6.2; OSVDB ID: 82897 Apple iTunes M3U File Handling Overflow; OSVDB ID: 81792 WebKit Unspecified Memory Corruption (2012-0672); 10.6.2; 10.6.1.7; OSVDB ID: 83220 Apple iTunes m3u File Handling Overflow; OSVDB ID: 82897 Apple iTunes M3U File Handling Overflow; 10.6.1.7; 10.6.3; OSVDB ID: 85412 WebKit 'ApplyStyleCommand::joinChildTextNodes' Function Use-after-free Issue; OSVDB ID: 85365 WebKit Unspecified Memory Corruption (2012-3651); OSVDB ID: 85366 WebKit 'RenderBlock::splitBlocks' Function Elements Splitting Use-after-free Issue; OSVDB ID: 85367 WebKit 'RenderBlock::blockBeforeWithinSelectionRoot' Function Memory Corruption; OSVDB ID: 85368 WebKit Scrollbar Handling Use-after-free Arbitrary Code Execution; OSVDB ID: 85369 WebKit Unspecified Memory Corruption (2012-3660); OSVDB ID: 85370 WebKit 'RenderObject::setAncestorLineBoxDirty' Function Use-after-free Issue; OSVDB ID: 85371 WebKit 'RenderBlock::updateFirstLetterStyle' Function Use-after-free Issue; OSVDB ID: 85372 WebKit 'RenderBlock::layoutInlineChildren' Function Use-after-free Issue; OSVDB ID: 85373 WebKit Progress Element Run-in Displaying Memory Corruption; OSVDB ID: 85374 WebKit 'RenderTableCol::isChildAllowed' Function Table Column Display Handling Memory Corruption; OSVDB ID: 85375 WebKit Unspecified Memory Corruption (2012-3677); OSVDB ID: 85376 WebKit 'StyleResolver::styleForElement' Function Dynamic Title Setting Memory Corruption; OSVDB ID: 85377 WebKit Unspecified Memory Corruption (2012-3685); OSVDB ID: 85416 WebKit 'HTMLAppletElement::renderWidgetForJSBindings' Function Inline Applet Bad Cast Memory Corruption; OSVDB ID: 85378 WebKit Unspecified Memory Corruption (2012-3687); OSVDB ID: 85379 WebKit 'RenderObject::absoluteBoundingBoxRect' Function Use-after-free Issue; OSVDB ID: 85380 WebKit RenderObject::containingBlock Absolute Positioned Object Handling Use-after-free Issue; OSVDB ID: 85381 WebKit AudioNodeOutput::disconnectAllParams Audio Node Handling Use-after-free Issue; OSVDB ID: 85382 WebKit Unspecified Memory Corruption (2012-3700); OSVDB ID: 85384 WebKit Cross-Origin Video Posting Use-after-free Issue; OSVDB ID: 85384 WebKit Cross-Origin Video Posting Use-after-free Issue; OSVDB ID: 85386 WebKit Unspecified Memory Corruption (2012-3703); OSVDB ID: 85387 WebKit SVGAnimatedPropertyTearOff Deletion Use-after-free Issue; OSVDB ID: 85388 WebKit Shadow DOM Subtree Event Dispatching Memory Corruption; OSVDB ID: 85389 WebKit SVGSMILElement::svgAttributeChanged Dynamic attributeName Modification Use-after-free Issue; OSVDB ID: 85392 WebKit Unspecified Memory Corruption (2012-3709); OSVDB ID: 85399 WebKit Unspecified Memory Corruption (2012-3632); OSVDB ID: 85402 WebKit Unspecified Memory Corruption (2012-3648); OSVDB ID: 85403 WebKit Unspecified Memory Corruption (2012-3649); OSVDB ID: 85414 WebKit Unspecified Memory Corruption (2012-3602); OSVDB ID: 85390 WebKit SVG Intersection List Handling Use-after-free Issue; OSVDB ID: 85391 WebKit Document::removedLastRef Document Cleanup Use-after-free Issue; OSVDB ID: 85393 WebKit Cached Image Handling Use-after-free Issue; OSVDB ID: 85394 WebKit Fixed Position Element Handling Memory Corruption; OSVDB ID: 85385 WebKit XHR Multiple Cancel/Restart Re-entrancy Use-after-free Issue; OSVDB ID: 85396 WebKit 'DragController::concludeEditDrag' Function Use-after-free Issue; OSVDB ID: 85397 WebKit 'CompositeEditCommand::breakOutOfEmptyListItem' Function Use-after-free Issue; OSVDB ID: 85398 WebKit Paragraph Separator Insertion Use-after-free Issue; OSVDB ID: 85400 WebKit Orphan Tree Parent Node With Child Deletion Use-after-free Issue; OSVDB ID: 85401 WebKit CharacterData::setData Text Node DOMCharacterDataModified Event Handling Use-after-free Issue; OSVDB ID: 85404 WebKit Inline Box For Floating / Position Objects In Isolates Creation Use-after-free Issue; OSVDB ID: 85405 WebKit Element::setAttributeInternal Hidden Input Type Switching Use-after-free Issue; OSVDB ID: 85406 WebKit 'swapInNodePreservingAttributesAndChildren' Function Use-after-free Issue; OSVDB ID: 85407 WebKit 'AccessibilityRenderObject::contentChanged' Function Use-after-free Issue; OSVDB ID: 85408 WebKit CSS Parser Incomplete ':not' Selector Memory Corruption; OSVDB ID: 85409 WebKit Object Element Reattaching Content Comparison Memory Corruption; OSVDB ID: 85410 WebKit 'ReplaceSelectionCommand::performTrivialReplace' Function Use-after-free Issue; OSVDB ID: 85411 WebKit Paragraph Separator Insertion Use-after-free Issue; OSVDB ID: 85413 WebKit :first-letter Pseudo Element Floats Handling Use-after-free Issue; OSVDB ID: 85415 WebKit SVGElement::isOutermostSVGSVGElement Shadow Tree Parent Confusion Memory Corruption; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.6.3; 10.7; OSVDB ID: 85536 Apple iTunes Process Memory Plaintext Credential Local Disclosure; 10.4.1; OSVDB ID: 72262 WebKit SVG Text Handling 'insertedIntoDocument' Stale Pointer; OSVDB ID: 76386 WebKit Unspecified Memory Corruption (2011-3239); OSVDB ID: 76341 WebKit Document::finishedParsing Frame Handling Use-after-free; OSVDB ID: 72476 WebKit Elements Referencing Counter Nodes Cloning Use-after-free; 10.5; OSVDB ID: 90446 WebKit :before Content Location Style Sheet Handling Use-after-free Remote Code Execution; 10.5; OSVDB ID: 90447 WebKit RenderObject::addChild Table Cell Handling Use-after-free Remote Code Execution; 10.5; OSVDB ID: 90448 WebKit RenderObjectChildList::updateBeforeAfterContent Style Sheet Handling Use-after-free; 10.5; OSVDB ID: 90449 WebKit Unspecified Style Sheet Handling Use-after-free Remote Code Execution; 10.5; OSVDB ID: 90450 WebKit RenderBlock::updateFirstLetter Style Sheet Handling Use-after-free Remote Code Execution; 10.1.2; OSVDB ID: 69205 Libxml2 Crafted XML File XPath Axis Traversal Invalid Memory Access Issue; 11.0.2; OSVDB ID: 83246 WebKit RenderSVGContainer::paint Function SVG Painting Use-after-free Issue; OSVDB ID: 84377 WebKit ProcessingInstruction::removedFrom Use-after-free Issue; OSVDB ID: 86149 WebKit SVGElementInstance::detach Function Use-after-free Arbitrary Code Execution; OSVDB ID: 86873 WebKit JavaScript Array Handling Race Condition Arbitrary Code Execution; OSVDB ID: 89646 WebKit Website Handling Unspecified Memory Corruption (2013-0948); OSVDB ID: 89645 WebKit Website Handling Unspecified Memory Corruption (2013-0949); OSVDB ID: 89656 WebKit Website Handling Unspecified Memory Corruption (2013-0950); OSVDB ID: 89655 WebKit Website Handling Unspecified Memory Corruption (2013-0951); OSVDB ID: 89654 WebKit Website Handling Unspecified Memory Corruption (2013-0952); OSVDB ID: 89653 WebKit Website Handling Unspecified Memory Corruption (2013-0953); OSVDB ID: 89652 WebKit Website Handling Unspecified Memory Corruption (2013-0954); OSVDB ID: 89651 WebKit Website Handling Unspecified Memory Corruption (2013-0955); OSVDB ID: 89650 WebKit Website Handling Unspecified Memory Corruption (2013-0956); OSVDB ID: 89649 WebKit Website Handling Unspecified Memory Corruption (2013-0958); OSVDB ID: 89648 WebKit Website Handling Unspecified Memory Corruption (2013-0959); OSVDB ID: 90521 WebKit AudioScheduledSourceNode::updateSchedulingInfo Web Audio Node Integer Underflow Memory Corruption; OSVDB ID: 91220 WebKit SVGViewSpec::viewTarget SVG Element Handling Type Confusion Arbitrary Code Execution; OSVDB ID: 91430 WebKit Unspecified Memory Corruption (2013-0960); OSVDB ID: 91429 WebKit Unspecified Memory Corruption (2013-0961); 11.0.3; OSVDB ID: 83246 WebKit RenderSVGContainer::paint Function SVG Painting Use-after-free Issue; OSVDB ID: 84377 WebKit ProcessingInstruction::removedFrom Use-after-free Issue; OSVDB ID: 86149 WebKit SVGElementInstance::detach Function Use-after-free Arbitrary Code Execution; OSVDB ID: 86873 WebKit JavaScript Array Handling Race Condition Arbitrary Code Execution; OSVDB ID: 89646 WebKit Website Handling Unspecified Memory Corruption (2013-0948); OSVDB ID: 89645 WebKit Website Handling Unspecified Memory Corruption (2013-0949); OSVDB ID: 89656 WebKit Website Handling Unspecified Memory Corruption (2013-0950); OSVDB ID: 89655 WebKit Website Handling Unspecified Memory Corruption (2013-0951); OSVDB ID: 89654 WebKit Website Handling Unspecified Memory Corruption (2013-0952); OSVDB ID: 89653 WebKit Website Handling Unspecified Memory Corruption (2013-0953); OSVDB ID: 89652 WebKit Website Handling Unspecified Memory Corruption (2013-0954); OSVDB ID: 89651 WebKit Website Handling Unspecified Memory Corruption (2013-0955); OSVDB ID: 89650 WebKit Website Handling Unspecified Memory Corruption (2013-0956); OSVDB ID: 89649 WebKit Website Handling Unspecified Memory Corruption (2013-0958); OSVDB ID: 89648 WebKit Website Handling Unspecified Memory Corruption (2013-0959); OSVDB ID: 90521 WebKit AudioScheduledSourceNode::updateSchedulingInfo Web Audio Node Integer Underflow Memory Corruption; OSVDB ID: 91220 WebKit SVGViewSpec::viewTarget SVG Element Handling Type Confusion Arbitrary Code Execution; OSVDB ID: 91430 WebKit Unspecified Memory Corruption (2013-0960); OSVDB ID: 91429 WebKit Unspecified Memory Corruption (2013-0961); 11.0.2; OSVDB ID: 93459 Apple iTunes HTTPS Server Certificate Validation MitM Spoofing Weakness

Mac OS: 7.5.3; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 7.6; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 7.6.1; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 8.0; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 8.1; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 8.5; OSVDB ID: 6331 Apple PowerBook Mac OS Control Panel Security Physical Bypass; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 8.6; OSVDB ID: 6331 Apple PowerBook Mac OS Control Panel Security Physical Bypass; OSVDB ID: 4993 Mac OS Users & Groups Data File Encryption Weakness; 8; OSVDB ID: 5356 Microsoft IE for Mac Local AppleScript Invocation; 9; OSVDB ID: 5356 Microsoft IE for Mac Local AppleScript Invocation; 10.2.8; OSVDB ID: 7097 Apple Mac OS X fs_usage Local Privilege Escalation; 10.3.2; OSVDB ID: 7097 Apple Mac OS X fs_usage Local Privilege Escalation; 10.3.4; OSVDB ID: 8232 Apple Mac OS X Connect.app Local Privilege Escalation

Mac OS 7: 7.0; OSVDB ID: 7038 Mac OS Runtime Java URLConnection Arbitrary Host Access

Mac OS Personal Web Sharing: 1.1; OSVDB ID: 83451 Mac OS Personal Web / IP Sharing Malformed Request Handling Remote Overflow

Mac OS 8: 8.0; OSVDB ID: 7038 Mac OS Runtime Java URLConnection Arbitrary Host Access

Mac OS Personal IP Sharing: 5.0; OSVDB ID: 83451 Mac OS Personal Web / IP Sharing Malformed Request Handling Remote Overflow

iPod Touch: 1.x; OSVDB ID: 47287 Apple Safari on iPhone / iPod touch Menu Button User Confirmation Spoofing Weakness; OSVDB ID: 47286 Apple Safari on iPhone / iPod touch Unicode Ideographic URL Spoofing Weakness; OSVDB ID: 47289 Apple Safari on iPhone / iPod touch JavaScript Array Indice Handling Arbitrary Code Execution; 2.0.2; OSVDB ID: 48044 Apple iPod Touch Networking Subsystem TCP Sequence Prediction; 1.0; OSVDB ID: 48980 Apple Mac OS X QuickLook Excel File Handling Arbitrary Code Execution; 2.1; OSVDB ID: 48980 Apple Mac OS X QuickLook Excel File Handling Arbitrary Code Execution

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.