ID

VAR-201510-0180

CVE

CVE-2015-7017

TITLE

Apple iOS Such as CoreText Vulnerable to arbitrary code execution

DESCRIPTION

CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. Successful exploits may allow attackers to execute arbitrary code in the context of the affected system; Failed exploit attempts will cause denial-of-service conditions. in the United States. iTunes is a suite of multimedia music player applications. CoreText is one of the text engines that can control text formatting and text layout. A security vulnerability exists in the CoreText engine of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-21-5 iTunes 12.3.1 iTunes 12.3.1 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5928 : Apple CVE-2015-5929 : Apple CVE-2015-5930 : Apple CVE-2015-5931 CVE-2015-7002 : Apple CVE-2015-7011 : Apple CVE-2015-7012 : Apple CVE-2015-7013 : Apple CVE-2015-7014 iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of text files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team Installation note: iTunes 12.3.1 may be obtained from: http://www.apple.com/itunes/download/ You may also update to the latest version of iTunes via Apple Software Update, which can be found in the Start menu. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWJuK0AAoJEBcWfLTuOo7tFqsP/i4hhZ9050OUg8jdzLx7ql9b pw0VB3uCssp4c7m6U/Dr90sgAAG1BRqNZF5jE0ItWfaeVxUtny9iHvj9MF5mhU4O 1hd/+f9iVeA2chOi63jVBYl/RTON/HLG0EukNAt57H7UNcnpGOJMwPxciDgHb5mi GEQEo3Q9bM2B9ReMcxCenVWBJ+e02l4iAqFBeV09BgAYvbaTvAQamjSeXkKyodI3 AkHmUuq6qWx9ka3EcMkEtm/agI2fKewlfI3WgpotkBx2lrZGUeFiuD21Nmq0diL8 O6tWt3FG4FsdrbPN7rm1NtPQq+fAnHn3EWCrpz32LB6Dh6NTqTLLesVDD5BCCK4p TanM1TlaRPVuBxg6oCLreNN8IHAx25vhCLEsAw9GMl5JRhmBL9IjTczt91zFAAjX fdW1bhq2O283MrRqZxvJW3eBti4IMr+cZtP9+OdlK+8zGx91LdvWNcuMS5Eg2W5T Auwf4ZfHmVCX5DDe2wgeUqe14eTpDomCI4S4utyh6jVtA0+b7V7FEBVlqc760ThO Gj7W4it3Ljosw6/VQodEPDiesbvhw+Cn7FcTHKxV7fgz+tLFSlEcox5BU0m/ardJ xWJ6c7qrT8TKkE4wYGHWljhWx7o6SkU/60BYZo5FNAYllYC1bp2rQTa7G79fjMvM eXiT4RZimmMNlbqwFKHQ =4LVn -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer overflow

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

John Villamil (@day6reak), Yahoo Pentest Team.

SOURCES

LAST UPDATE DATE

2025-04-13T22:18:14.364000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE