CVE-2017-13849

Sažetak

An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file.

Reference

http://www.securityfocus.com/bid/101691
http://www.securitytracker.com/id/1039703
https://support.apple.com/HT208219
https://support.apple.com/HT208220
https://support.apple.com/HT208222
https://www.exploit-db.com/exploits/43161/

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

08-03-2019 - 16:06

Objavljeno

13-11-2017 - 03:29