CVE-2011-3449: Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service…

medium6.8CVSS 3.1

AVNACMAuNCPIPAP

Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.

Affected

6 ranges

Vendor	Product	Version range	Fixed in
apple	mac_os_x	<= 10.7.2	—
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x_server	<= 10.7.2	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—