CVE-2015-5761
Description
CoreText in Apple iOS and OS X fails to handle crafted font files, allowing remote arbitrary code execution or denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 contains a memory corruption vulnerability that can be triggered by processing a specially crafted font file. This issue is distinct from CVE-2015-5755 and affects all versions prior to the patched releases [1][2]. The vulnerability exists in the font parsing routines of CoreText, where inadequate bounds checking leads to memory corruption.
Exploitation
An attacker can exploit this vulnerability by delivering a malicious font file to the victim, for example through a webpage, email attachment, or any other method that causes the system to render the font. No authentication or special privileges are required, and the attack can be executed remotely over a network [3]. The victim only needs to view content that triggers CoreText font processing.
Impact
Successful exploitation results in arbitrary code execution with the privileges of the affected application or system process, or a denial of service due to application crash. The impact is full compromise of confidentiality, integrity, and availability on the targeted system [1][2][3].
Mitigation
Apple has addressed this vulnerability in iOS 8.4.1 and OS X Yosemite 10.10.5, released on August 13, 2015 [1][2]. Additionally, iTunes 12.3 for Windows includes fixes for CoreText issues affecting applications that use the framework [3]. Users should update to the latest available versions. No workarounds are documented.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (5)
- Range: <8.4.1
- Range: <10.10.5
Patches
No patches discovered yet.
References
- lists.apple.com/archives/security-announce/2015/Sep/msg00003.html (nvd: Patch, Vendor Advisory)
- lists.apple.com/archives/security-announce/2015/Aug/msg00001.html (nvd: Vendor Advisory)
- lists.apple.com/archives/security-announce/2015/Aug/msg00002.html (nvd: Vendor Advisory)
- support.apple.com/HT205221 (nvd: Vendor Advisory)
- support.apple.com/kb/HT205030 (nvd: Vendor Advisory)
- support.apple.com/kb/HT205031 (nvd: Vendor Advisory)
- www.securityfocus.com/bid/76343 (nvd)
- www.securitytracker.com/id/1033275 (nvd)