Published: 20/09/2012 Updated: 29/08/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 672

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Mac Os X

CoreText in Apple Mac OS X 10.7.x prior to 10.7.5 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.7.4
apple mac os x 10.7.3
apple mac os x 10.7.2
apple mac os x 10.7.1
apple mac os x 10.7.0
apple mac os x server 10.7.0
apple mac os x server 10.7.1
apple mac os x server 10.7.4
apple mac os x server 10.7.2
apple mac os x server 10.7.3

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi arsenal

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

use the Apple CoreText exploit (CVE-2012-3716) and launch an AP to affect all devices within wifi range

killosx Use Apple CoreText exploit (CVE-2012-3716) and launch an AP to affect all vulnerable Apple devices within wifi range Installation: Run 'make install' in the killosx directory killosx can now be run from anywhere with 'killosx' Usage: killOSX Usage - killosx -i wlan0 ~ Run exploit on wlan0 killosx -h ~ This help

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

WiFi Arsenal Repo fully maintained by 0x90/wifi-arsenal READMEmd created by techge/wifi-arsenal Table of Contents General WiFi Information Noteworthy Tools of Different Categories Attack/PenTesting Denial of Service Encryption Attack WEP/WPA/WPA2 WPS Others Injection Rogue AP/Fake AP/ MITM Sniffing Wardriving Miscellaneous Attacking Tools Information Gathering Defence/D

CWE-119 http://support.apple.com/kb/HT5501 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html https://exchange.xforce.ibmcloud.com/vulnerabilities/78748 https://nvd.nist.gov https://github.com/abhisheksalaria04/wifi-arsenal https://github.com/0x90/wifi-arsenal

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook