289 matches found
CVE-2014-4483
Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted font file in a PDF document...
CVE-2014-4484
FontParser in Apple software (iOS prior to 8.1.3, OS X prior to 10.10.2, Apple TV prior to 7.0.3) is affected. The cited issue is a memory corruption vulnerability in handling .dfont files, which can be triggered by processing a crafted font file. This can lead to arbitrary code execution or a de...
CVE-2014-4484
FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted .dfont file...
CVE-2014-4483
The CVE is confirmed: CVE-2014-4483 affects Apple FontParser in PDF handling on Apple iOS before 8.1.3, OS X before 10.10.2, and Apple TV before 7.0.3. Root cause is a buffer/bounds-related issue in FontParser when processing font data inside PDFs, enabling a crafted font file to trigger a buffer...
Mac OS X Multiple Vulnerabilities (Security Update 2015-001) (POODLE)
The remote host is running a version of Mac OS X 10.8 or 10.9 that does not have Security Update 2015-001 applied. This update contains several security-related fixes for the following components : - AFP Server - Bluetooth - CoreGraphics - CoreSymbolication - FontParser - Foundation - Intel...
Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)
The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser...
Apple Patches Thunderstrike Bug in OSX, Fixes More Than 30 Flaws in iOS
Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a...
APPLE-SA-2014-04-22-1 Security Update 2014-002
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-1 Security Update 2014-002 Security Update 2014-002 is now available and addresses the following: CFNetwork HTTPProtocol Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2...
Mac OS X Multiple Vulnerabilities (Security Update 2014-002)
The remote host is running a version of Mac OS X 10.7, 10.8, or 10.9 that does not have Security Update 2014-002 applied. This update contains several security-related fixes for the following components : - CFNetwork HTTPProtocl - CoreServicesUIAgent - FontParser - Heimdal Kerberos - ImageIO -...