Lucene search
Pawel WylecialZDI-15-284HistoryJul 01, 2015 - 12:00 a.m.
Apple OS X DFont FOND Memory Corruption Remote Code Execution Vulnerability
2015-07-0100:00:00
Pawel Wylecial
www.zerodayinitiative.com
14
EPSS
0.153
Percentile
95.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of data fork font suitcase files. The issue lies in the parsing of the ‘FOND’ table. An attacker can leverage this vulnerability to execute code under the context of the current user.
References
Related
prion
prion
Memory corruption
2015-07-03 01:59:00
Memory corruption
2015-07-03 01:59:00
Memory corruption
2015-07-03 01:59:00
nvd
nvd
cvelist
cvelist
cve
cve
nessus
nessus
Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)
2015-07-01 00:00:00
securityvulns
securityvulns
Apple Mac OS X / EFI multiple security vulnerabilities
2015-07-05 00:00:00
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005
2015-07-05 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Jul 2015)
2015-07-10 00:00:00