Описание
YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2.84 (включая)
Одновременно
cpe:2.3:a:aki-null:yorufukurou:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00686
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence.
EPSS
Процентиль: 71%
0.00686
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20