Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-1252 | 1 Apple | 3 Iphone Os, Mac Os X, Pages | 2017-08-28 | 7.5 HIGH | N/A |
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. | |||||
CVE-2017-2391 | 1 Apple | 3 Keynote, Numbers, Pages | 2017-07-11 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. | |||||
CVE-2015-3784 | 1 Apple | 6 Iphone Os, Iwork, Keynote and 3 more | 2016-12-23 | 5.0 MEDIUM | N/A |
Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
CVE-2015-7034 | 1 Apple | 2 Iwork, Pages | 2016-12-08 | 6.8 MEDIUM | N/A |
The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document. | |||||
CVE-2015-7032 | 1 Apple | 4 Iwork, Keynote, Numbers and 1 more | 2016-12-08 | 4.3 MEDIUM | N/A |
The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted document. | |||||
CVE-2015-7033 | 1 Apple | 4 Iwork, Keynote, Numbers and 1 more | 2016-12-08 | 6.8 MEDIUM | N/A |
The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document. |