Apple OS X WindowServer _XRegisterCursorWithData Memory Corruption Privilege Escalation Vulnerability

ID ZDI-16-638
Type zdi
Reporter aca055c25829115b84ad07e72a4eff16
Modified 2016-06-22T00:00:00


This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CoreGraphics module. The issue lies in the failure to properly validate user-supplied data which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges under the context of WindowServer.