CVE-2015-6975
Description
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory corruption vulnerability in CoreText allows remote attackers to execute arbitrary code or cause denial of service via a crafted font file.
Vulnerability
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 contains a memory corruption vulnerability that can be triggered by processing a crafted font file. The issue occurs when parsing malformed font data, leading to an out-of-bounds memory access. This vulnerability is distinct from CVE-2015-6992 and CVE-2015-7017.
Exploitation
An attacker can exploit this vulnerability by delivering a specially crafted font file to the target system. This can be achieved remotely through a malicious website that embeds the font, or via an email attachment that is opened by the user. No special privileges or authentication are required beyond the ability to process the font file.
Impact
Successful exploitation could result in arbitrary code execution with the privileges of the affected process, potentially allowing full compromise of the system. Alternatively, the attacker may cause a denial of service due to memory corruption, crashing the application.
Mitigation
Apple addressed this vulnerability in iOS 9.1 [2]; in OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks [1]; and in iTunes 12.3.1 for Windows [3]. Users should update to the latest available versions to protect against this vulnerability.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:* (range: <=12.3.0)
- (no CPE) (range: <12.3.1)
- Range: <9.1
- Range: <10.11.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- lists.apple.com/archives/security-announce/2015/Oct/msg00006.html (nvd; Patch, Vendor Advisory)
- lists.apple.com/archives/security-announce/2015/Oct/msg00002.html (nvd; Vendor Advisory)
- lists.apple.com/archives/security-announce/2015/Oct/msg00005.html (nvd; Vendor Advisory)
- support.apple.com/HT205370 (nvd; Vendor Advisory)
- support.apple.com/HT205372 (nvd; Vendor Advisory)
- support.apple.com/HT205375 (nvd; Vendor Advisory)
- www.securitytracker.com/id/1033929 (nvd)
News mentions
No linked articles in our index yet.