h0wl's blog

pentester & vuln researcher writing about stuff...

Wednesday, 1 July 2015

[CVE-2015-3679] Apple OS X morx nSubtables Memory Corruption Remote Code Execution and [CVE-2015-3680] DFont FOND Memory Corruption Remote Code Execution

Yesterday Apple has released a security update 2015-005 which included fixes for two vulnerabilities related to font parsing in OS X that i have reported to the ZDI. See original advisories for CVE-2015-3679 and CVE-2015-3680.

Posted by Pawel Wylecial at 19:51 0 comments

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Labels: advisory, Apple, bug, code execution, CVE-2015-3679, CVE-2015-3680, exploit, Font, memory corruption, OS X, ZDI

Newer Posts Older Posts Home

Subscribe to: Posts (Atom)

Links

BlackOwlSec
twitter
linkedin
Browser Shredders

Subscribe To

Posts

Atom

Posts

All Comments

Atom

All Comments

Blog Archive

▼ 2015 (5)
- ▼ July (1)
  - [CVE-2015-3679] Apple OS X morx nSubtables Memory ...
- ► June (2)
- ► April (1)
- ► February (1)

► 2014 (6)
- ► November (1)
- ► July (1)
- ► June (1)
- ► May (2)
- ► March (1)

► 2013 (3)
- ► November (1)
- ► September (1)
- ► March (1)

► 2012 (10)
- ► September (1)
- ► July (1)
- ► June (3)
- ► April (1)
- ► March (3)
- ► February (1)

Simple theme. Powered by Blogger.