VYPR
Unrated severity · NVD Advisory · Published Aug 17, 2015 · Updated May 6, 2026

CVE-2015-3804

Description

FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2015-3804 is a memory corruption vulnerability in Apple FontParser allowing arbitrary code execution via a crafted font file, affecting iOS before 8.4.1 and OS X before 10.10.5.

Vulnerability

CVE-2015-3804 is a memory corruption vulnerability in Apple's FontParser component, which parses font files. A remote attacker can trigger it by delivering a specially crafted font file to the target system. The issue affects Apple iOS versions before 8.4.1 and OS X versions before 10.10.5 (Yosemite), including earlier releases such as OS X Mavericks v10.9.5. It is distinct from CVE-2015-5756 and CVE-2015-5775 [1][2].

Exploitation

An attacker can exploit this vulnerability remotely without any authentication or special privileges. The crafted font file can be delivered through various vectors, such as a malicious website, an email attachment, or any other method that causes the system to render the font. FontParser then parses the malformed font data, which leads to memory corruption that the attacker can control.

Impact

Successful exploitation allows an attacker to execute arbitrary code on the affected device with the privileges of the user running the application that rendered the font. Where the font is parsed at system level, this could lead to full system compromise. Alternatively, the memory corruption can crash the application or the system, causing a denial of service [1][2].

Mitigation

Apple addressed this vulnerability in iOS 8.4.1, released on August 13, 2015, and in OS X Yosemite v10.10.5 and Security Update 2015-006, released on the same date. Users should update to the latest available versions. No workarounds were disclosed for systems that cannot be updated [1][2].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
