2 matches found
ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability
ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-076 April 14, 2010 -- CVE ID: CVE-2010-1120 -- Affected Vendors: Apple -- Affected Products: Apple Preview -- TippingPointTM IPS Customer Protection:...
CVE-2010-1120
CVE-2010-1120 is tied to an unchecked index issue in Apple Type Services’ handling of embedded fonts, allowing remote code execution in affected Apple OS X components. Publicly documented impact includes Safari 4 on Mac OS X 10.6 and Apple Preview (libFontParser.dylib) with a SpecialEncoding heap...