pentester & vuln researcher writing about stuff...
Wednesday, 1 July 2015
[CVE-2015-3679] Apple OS X morx nSubtables Memory Corruption Remote Code Execution and [CVE-2015-3680] DFont FOND Memory Corruption Remote Code Execution
Yesterday Apple has released a security update 2015-005 which included fixes for two vulnerabilities related to font parsing in OS X that i have reported to the ZDI. See original advisories for CVE-2015-3679 and CVE-2015-3680.