289 matches found
CVE-2017-2407
CVE-2017-2407 affects Apple platforms via the FontParser component. The issue allows remote attackers to craft a font file that could cause memory corruption, leading to arbitrary code execution or an application crash (DoS). Affected products include iOS before 10.3, macOS before 10.12.4, tvOS b...
About the security content of macOS Sierra 10.12.1, Security Update 2016-002 El Capitan, and Security Update 2016-006 Yosemite - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Mac OS X 10.x < 10.12.4 Multiple Vulnerabilities
Binary data 700032.prm...
Apple iOS < 10.3 Multiple Vulnerabilities
Binary data 700034.prm...
About the security content of watchOS 3.2
About the security content of watchOS 3.2 This document describes the security content of watchOS 3.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
The vulnerabilities in operating systems such as Mac OS X and iOS allow attackers to trigger service failures or execute arbitrary code.
The vulnerability of the FontParser component in Mac OS X and iOS operating systems arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption,...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code
The vulnerability of the FontParser component in iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure application termination using a specially crafted font...
CVE-2016-4688
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute...
CVE-2016-4688
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute...
CVE-2016-4691
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption an...
CVE-2016-4660
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a...
Buffer overflow
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute...
Memory corruption
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption an...
Out-of-bounds
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a...
CVE-2016-4660
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a...
CVE-2016-4691
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption an...
CVE-2016-4688
CVE-2016-4688 affects FontParser in macOS (macOS Sierra 10.12.3 security content). The issue: memory corruption/buffer handling in font file processing, enabling remote code execution when a crafted font is opened. Apple references multiple FontParser CVEs (including 2017-2406/2407/2439/2487, etc...
CVE-2016-4691
CVE-2016-4691 affects Apple platforms where the FontParser component mishandles crafted font files, causing memory corruption and potential remote code execution or a denial of service. Affected: iOS prior to 10.2, macOS prior to 10.12.2, watchOS prior to 3.1.3. The vulnerability is addressed by ...
CVE-2016-4660
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a...
CVE-2016-4660
CVE-2016-4660 affects Apple platforms via the FontParser component. Public docs show an out-of-bounds read in a crafted font could disclose data or cause a denial of service, with related entries describing a buffer overflow that could lead to arbitrary code execution. Affected products include i...