Apple patched the buffer overflow vulnerability that this proof-of-concept exploits back in November 2012, so the only Apple users potentially affected by an attack deploying this exploit would be ...

The zero-day exploit is technically a heap buffer overflow in VP8 encoding in libvpx, which is a video code library developed by Google and the Alliance for Open Media.

Buffer overflows have been a serious security problem for software developers for several decades now, but the history of exploitation research on this class of flaws is relatively short.

High - CVE-2021-37984 : Heap buffer overflow in PDFium. Reported by Antti Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint on 2021-09-27 High - CVE-2021-37985 : Use after free in V8.

To exploit such a flaw, the attacker needs to ensure that more data is copied than the buffer can hold.</p> <p>Such attacks are normally fairly specific.