CVE-2015-5761
published 2015-08-17CVE-2015-5761: CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption…
PriorityP432medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
2.50%
85.6th percentile
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 8.4 | — |
| apple | itunes | <= 12.2 | — |
| apple | itunes | — | — |
| apple | mac_os_x | <= 10.10.4 | — |
| apple | os_x_yosemite_v10.10.5_and_security_update_2015-006 | — | — |
Apple
CVE-2015-5761: iOS 8.4.1
vendor_apple·CVSS 6.8
CVE-2015-5761 [MEDIUM] CVE-2015-5761: iOS 8.4.1
Apple Security Update: About the security content of iOS 8.4.1
Product: iOS
Version: 8.4.1
CVE: CVE-2015-5761
Component: CVE-ID
Apple
CVE-2015-5761: Apple TV 7.2.1
vendor_apple·CVSS 6.8
CVE-2015-5761 [MEDIUM] CVE-2015-5761: Apple TV 7.2.1
Apple Security Update: About the security content of Apple TV 7.2.1
Product: Apple TV
Version: 7.2.1
CVE: CVE-2015-5761
Component: CVE-ID
Apple
CVE-2015-5761: iTunes 12.3
vendor_apple·CVSS 6.8
CVE-2015-5761 [MEDIUM] CVE-2015-5761: iTunes 12.3
Apple Security Update: About the security content of iTunes 12.3
Product: iTunes
Version: 12.3
CVE: CVE-2015-5761
Component: CVE-ID
Impact: Applications that use ICU may be vulnerable to unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in the processing of unicode strings. These issues were addressed by updating ICU to version 55.
Apple
CVE-2015-5761: OS X Yosemite v10.10.5 and Security Update 2015-006
vendor_apple·CVSS 6.8
CVE-2015-5761 [MEDIUM] CVE-2015-5761: OS X Yosemite v10.10.5 and Security Update 2015-006
Apple Security Update: About the security content of OS X Yosemite v10.10.5 and Security Update 2015-006
Product: OS X Yosemite v10.10.5 and Security Update 2015-006
CVE: CVE-2015-5761
Component: CVE-ID
GHSA
GHSA-cw72-8fv8-g25v: CoreText in Apple iOS before 8
ghsa_unreviewed·2022-05-17·CVSS 6.8
CVE-2015-5761 [MEDIUM] CWE-119 GHSA-cw72-8fv8-g25v: CoreText in Apple iOS before 8
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5755.
GHSA
GHSA-p5g7-mvx2-57vw: CoreText in Apple iOS before 8
ghsa_unreviewed·2022-05-17·CVSS 6.8
CVE-2015-5755 [MEDIUM] CWE-119 GHSA-p5g7-mvx2-57vw: CoreText in Apple iOS before 8
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5761.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00003.htmlhttp://www.securityfocus.com/bid/76343http://www.securitytracker.com/id/1033275https://support.apple.com/HT205221https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205031http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00003.htmlhttp://www.securityfocus.com/bid/76343http://www.securitytracker.com/id/1033275https://support.apple.com/HT205221https://support.apple.com/kb/HT205030https://support.apple.com/kb/HT205031
2015-08-17
Published