119 matches found
Apple tvOS 缓冲区错误漏洞
Apple tvOS is a set of smart TV operating systems from Apple USA. A buffer error vulnerability exists in Apple TV 4K and Apple TV HD, which stems from a boundary error when processing font files in FontParser. The vulnerability can be exploited to trick a victim into opening a specially crafted...
Apple macOS 缓冲区错误漏洞
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A buffer error vulnerability exists in macOS, which arises from a boundary error when processing font files in the FontParser component. 10.14.4 18E226, 10.14.4 18E227, 10.14.5 18F132, 10.14.6 18G84, 10.14.6...
Apple FontParser Buffer Error Vulnerability
Apple FontParser is a font parsing program from Apple Inc. A security vulnerability exists in Apple FontParser that stems from a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create a specially crafted file, trick a victim into openi...
Security Bulletin: Vulnerability in IBM Java Runtime affects Rational Publishing Engine
Summary There is a vulnerability in IBM Java Runtime Environment, Versions 6 and 7 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2016-5582 DESCRIPTION: A flaw in the Hotspot JIT compiler allows an attacker to disable the security manager and execute arbitrary code...
CVE-2017-4913
VMware Workstation 12.x prior to 12.5.3 and Horizon View Client 4.x prior to 4.4.0 contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstatio...
CVE-2017-4909
VMware Workstation 12.x prior to 12.5.3 and Horizon View Client 4.x prior to 4.4.0 contain a heap buffer-overflow vulnerability in TrueType Font TTF parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs...
VMware Workstation and Horizon Client Integer Overflow Vulnerability
VMware Workstation is a paid and feature-rich set of virtual machine software.VMware Workstation Player is a free open source and simpler virtual machine software.Horizon Client for Windows is used to virtualize desktops and applications. VMware Workstation and Horizon Client have an integer...
Multiple Read/Write Vulnerabilities in VMware Workstation and Horizon View Client
VMware Workstation is a paid and feature-rich set of virtual machine software.VMware Workstation Player is a free open source and simpler virtual machine software.Horizon Client for Windows is used to virtualize desktops and applications. VMware Workstation and Horizon View Client have multiple...
Apple iOS/tvOS/macOS/watchOS Denial of Service Vulnerability (CNVD-2017-05003)
iOS is a mobile operating system developed by Apple Inc. First announced at Macworld on January 9, 2007, it was initially designed for use with the iPhone, and has since been applied to the iPod touch, iPad, and Apple TV. tvOS is an Apple-developed system based on iOS. tvOS is the operating syste...
Apple iOS/tvOS/macOS/watchOS Information Disclosure Vulnerability
iOS is a mobile operating system developed by Apple Inc. First announced at the Macworld conference on January 9, 2007, it was originally designed for use with the iPhone, and has since been applied to the iPod touch, iPad, and Apple TV. tvOS is an Apple-developed system based on iOS. tvOS is the...
CVE-2017-2439
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a deni...
CVE-2017-2406
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of...
Vulnerabilities of iOS and Mac OS X operating systems, which allow attackers to trigger service failures or obtain confidential information
The vulnerability of the FontParser component in iOS and Mac OS X operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to obtain confidential information or cause service failures such as reading out of memory or...
CVE-2016-4691
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption an...
Vulnerabilities of operating systems such as Mac OS X and iOS, which allow attackers to obtain confidential information from process memory
The vulnerability of the FontParser component in Mac OS X and iOS operating systems arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor to obtain confidential information from the process’s memory using a specially crafted font...
CVE-2016-4718
Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file...
CVE-2016-1740
FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted PDF document...
Apple iOS/OS X/watchOS FontParser Memory Corruption Vulnerability
OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. iOS is an operating system developed by Apple for mobile devices. A security vulnerability exists in FontParser in Apple iOS versions prior to 9.1, Apple OS X versions prior to 10.11.1...
Apple Safari FontParser Arbitrary Code Execution Vulnerability
Safari is a web browser developed by Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari's FontParser. As the program fails to properly parse font files. An attacker can exploit this vulnerability to execut...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code or cause system failures
The vulnerability of the FontParser component in iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure using the created font file...