Lucene search
Hjy79425575ZDI-21-941HistoryAug 05, 2021 - 12:00 a.m.
Apple macOS libType1Scaler PFB Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
2021-08-0500:00:00
hjy79425575
www.zerodayinitiative.com
19
0.001 Low
EPSS
Percentile
51.0%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libType1Scaler library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PFB fonts. A crafted PFB font can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
Related
prion
prion
Stack overflow
2021-09-08 14:15:00
cve
cve
CVE-2021-30759
2021-09-08 14:15:10
cvelist
cvelist
CVE-2021-30759
2021-09-08 13:45:19
nvd
nvd
CVE-2021-30759
2021-09-08 14:15:10
nessus
nessus
macOS 10.14.x < 10.14.6 Mojave Security Update 2021-005 (HT212603)
2021-07-23 00:00:00
macOS 10.15.x < Catalina Security Update 2021-004 Catalina (HT212600)
2021-07-23 00:00:00
macOS 11.x < 11.5 (HT212602)
2021-07-23 00:00:00
apple
apple
About the security content of tvOS 14.7
2021-07-19 00:00:00
About the security content of Security Update 2021-005 Mojave
2021-07-21 00:00:00
About the security content of watchOS 7.6
2021-07-19 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212603)
2022-09-22 00:00:00
Apple Mac OS X Security Update (HT212600)
2022-09-22 00:00:00
Apple Mac OS X Security Update (HT212602)
2022-09-22 00:00:00
qualysblog
qualysblog
threatpost
threatpost
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day
2021-07-22 16:18:25