CVE-2015-1100

Apple macOS X < 10.10.2 - Denial of Service via Out-of-Bounds Memory Access

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-1100. PoCs published by Maxime Villard.

AI-analyzed exploit summary This exploit crafts a malicious FAT binary with an excessive number of architectures (4096) to trigger a missing limit check in the Mac OS X kernel's FAT loader, causing a local denial-of-service (DoS). The crafted binary is then executed via posix_spawn with a non-existent CPU type preference to exploit the vulnerability.

Description

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app.

Exploits (1)

exploitdb WORKING POC

by Maxime Villard · cdososx

https://www.exploit-db.com/exploits/36814

View Code ZIP pw:eip

This exploit crafts a malicious FAT binary with an excessive number of architectures (4096) to trigger a missing limit check in the Mac OS X kernel's FAT loader, causing a local denial-of-service (DoS). The crafted binary is then executed via posix_spawn with a non-existent CPU type preference to exploit the vulnerability.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mac OS X Kernel (FAT loader)

No auth needed

Prerequisites: Local access to a vulnerable Mac OS X system

MITRE ATT&CK