The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS prior to 9 mishandles failures of the write system call, which allows context-dependent malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
freebsd freebsd 10.1 |
||
apple mac os x |