|TREND MICRO CUSTOMER PROTECTION
|Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['11876']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
The specific flaw exists within how the application parses font names embedded within an atom. When parsing the font name, the application will treat a length from the file as a signed value when copying font data into a buffer. Due to an unsigned promotion, this can be used to write outside the bounds of a buffer which can lead to code execution under the context of the application.
Apple has issued an update to correct this vulnerability. More details can be found at: