Apple Itunes vulnerabilities

CVE-2015-3687 [MEDIUM] CVE-2015-3687: CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrar CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.

CVE-2015-1157 [HIGH] CWE-17 CVE-2015-1157: CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot a CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.

CVE-2014-8146 [HIGH] CWE-119 CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implemen The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary

CVE-2015-1152 [MEDIUM] CVE-2015-1152: WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.

CVE-2015-1153 [MEDIUM] CVE-2015-1153: WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.

CVE-2015-1154 [MEDIUM] CVE-2015-1154: WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1153.

CVE-2015-1121 [MEDIUM] CVE-2015-1121: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x bef WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, A

CVE-2015-1124 [MEDIUM] CVE-2015-1124: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x bef WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, A

CVE-2015-1119 [MEDIUM] CVE-2015-1119: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x bef WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, A

CVE-2015-1122 [MEDIUM] CVE-2015-1122: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x bef WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, A

CVE-2015-1120 [MEDIUM] CVE-2015-1120: WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x bef WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, A

CVE-2015-1082 [MEDIUM] CWE-399 CVE-2015-1082: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1072 [MEDIUM] CWE-399 CVE-2015-1072: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1069 [MEDIUM] CWE-399 CVE-2015-1069: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1074 [MEDIUM] CWE-399 CVE-2015-1074: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1068 [MEDIUM] CWE-399 CVE-2015-1068: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1075 [MEDIUM] CWE-399 CVE-2015-1075: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1073 [MEDIUM] CWE-399 CVE-2015-1073: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1083 [MEDIUM] CWE-399 CVE-2015-1083: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

CVE-2015-1070 [MEDIUM] CWE-399 CVE-2015-1070: WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.