Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2016-1740

Published: 24/03/2016 Updated: 25/03/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Mac Os X

Vulnerability Summary

FontParser in Apple iOS prior to 9.3, OS X prior to 10.11.4, tvOS prior to 9.2, and watchOS prior to 2.2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x

apple tvos

apple watchos

apple iphone os

Github Repositories

https://github.com/ant4g0nist/fuzzing-pdfs-like-its-1990s

Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things Some disclosed vulnerabilities: CVE-2015-3723 CVE-2016-1737 CVE-2016-1740 CVE-2017-7031 Info The basic idea of this fuzzer was to mutate the streams of the pdf files without screwing the PDF Structure as a whole I collected some hundreds

https://github.com/r3dsm0k3/r3dsm0k3

Hey there Thanks for dropping by Hi, I'm Ajith1 aka r3dsm0k32, a polyglot, jack of all engineer ð

References

CWE-119https://support.apple.com/HT206166http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.htmlhttps://support.apple.com/HT206169http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.htmlhttps://support.apple.com/HT206168https://support.apple.com/HT206167http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2016/Mar/msg00004.htmlhttp://www.securitytracker.com/id/1035353http://www.zerodayinitiative.com/advisories/ZDI-16-201https://nvd.nist.govhttps://github.com/ant4g0nist/fuzzing-pdfs-like-its-1990s
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook