CVE-2009-0154

Published: May 13, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

35074

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

macos-ats-cff-bo(50478)

vdb-entry

x_refsource_XF

34926

vdb-entry

x_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-09-023

x_refsource_MISC

TA09-133A

third-party-advisory

x_refsource_CERT

ADV-2009-1297

vdb-entry

x_refsource_VUPEN

1022218

vdb-entry

x_refsource_SECTRACK

20090519 ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-0154

Description

Affected Products

References