CVE-2016-1796
CVE-2016-1796 affects Apple Type Services (ATS) in OS X El Capitan before 10.11.5. The ZDI advisory describes a heap-based buffer overflow in libATSServer’s GetUncompressedBitmapRepresentation that can allow arbitrary code execution on vulnerable systems, typically requiring the user to visit a m...