CVE-2015-3804
published 2015-08-17CVE-2015-3804: FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.99%
84.0th percentile
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 8.4 | — |
| apple | mac_os_x | <= 10.10.4 | — |
| apple | os_x_yosemite_v10.10.5_and_security_update_2015-006 | — | — |
Apple
CVE-2015-3804: OS X Yosemite v10.10.5 and Security Update 2015-006
vendor_apple·CVSS 7.5
CVE-2015-3804 [HIGH] CVE-2015-3804: OS X Yosemite v10.10.5 and Security Update 2015-006
Apple Security Update: About the security content of OS X Yosemite v10.10.5 and Security Update 2015-006
Product: OS X Yosemite v10.10.5 and Security Update 2015-006
CVE: CVE-2015-3804
Component: CVE-ID
Apple
CVE-2015-3804: Apple TV 7.2.1
vendor_apple·CVSS 7.5
CVE-2015-3804 [HIGH] CVE-2015-3804: Apple TV 7.2.1
Apple Security Update: About the security content of Apple TV 7.2.1
Product: Apple TV
Version: 7.2.1
CVE: CVE-2015-3804
Component: CVE-ID
Apple
CVE-2015-3804: iOS 8.4.1
vendor_apple·CVSS 7.5
CVE-2015-3804 [HIGH] CVE-2015-3804: iOS 8.4.1
Apple Security Update: About the security content of iOS 8.4.1
Product: iOS
Version: 8.4.1
CVE: CVE-2015-3804
Component: CVE-ID
GHSA
GHSA-4hqc-fmqh-778h: FontParser in Apple iOS before 8
ghsa_unreviewed·2022-05-17·CVSS 6.8
CVE-2015-3804 [MEDIUM] CWE-119 GHSA-4hqc-fmqh-778h: FontParser in Apple iOS before 8
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
GHSA
GHSA-f58f-gpmv-fc35: FontParser in Apple iOS before 8
ghsa_unreviewed·2022-05-17·CVSS 7.5
CVE-2015-5756 [HIGH] CWE-119 GHSA-f58f-gpmv-fc35: FontParser in Apple iOS before 8
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5775.
GHSA
GHSA-75mc-jhf7-g4w6: FontParser in Apple iOS before 8
ghsa_unreviewed·2022-05-17·CVSS 7.5
CVE-2015-5775 [HIGH] CWE-119 GHSA-75mc-jhf7-g4w6: FontParser in Apple iOS before 8
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-3804 and CVE-2015-5756.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://www.securityfocus.com/bid/76343http://www.securitytracker.com/id/1033275https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205031http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://www.securityfocus.com/bid/76343http://www.securitytracker.com/id/1033275https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205031
2015-08-17
Published