CVE-2016-1737

MEDIUM

Carbon <10.11.4 - Memory Corruption

Title source: llm

Description

Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.

References (3)

Scores

CVSS v3 6.3
EPSS 0.0074
EPSS Percentile 72.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Classification

CWE
CWE-119
Status draft

Affected Products (1)

apple/mac_os_x < 10.11.3

Timeline

Published Mar 24, 2016
Tracked Since Feb 18, 2026