Apple OS X WindowServer _XRegisterCursorWithData Memory Corruption Privilege Escalation Vulnerability

2016-12-15T00:00:00
ID ZDI-16-638
Type zdi
Reporter aca055c25829115b84ad07e72a4eff16
Modified 2016-12-15T00:00:00

Description

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the CoreGraphics module. The issue lies in the failure to properly validate user-supplied data which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges under the context of WindowServer.