CVE-2016-1737

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.11.4

Description The issue is caused by a buffer overflow in the Carbon component of the Mac OS X operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption) by using a specially crafted .dfont file.

Recommendations For Apple OS X versions prior to 10.11.4, update to version 10.11.4 or later to resolve the issue. As a temporary workaround, consider restricting access to .dfont files to minimize the risk of exploitation.