Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-3020
HistoryAug 31, 2009 - 4:30 p.m.

CVE-2009-3020

2009-08-3116:30:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
38
cve-2009-3020
win32k.sys
denial of service
windows server 2003
css
html
eot font engine
nvd

6.3 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.187 Low

EPSS

Percentile

96.2%

JSON

win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service (system crash) by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets (CSS) rule in an HTML document, possibly related to the Embedded OpenType (EOT) Font Engine, a different vulnerability than CVE-2006-0010, CVE-2009-0231, and CVE-2009-0232. NOTE: some of these details are obtained from third party information.

Related

prion 4
openvas 4
seebug 2
securityvulns 6
checkpoint_advisories 6
nessus 2
cert 1
cve 3
prion
prion
Design/Logic Flaw
2009-08-31 16:30:00
Heap overflow
2006-01-10 22:03:00
Integer overflow
2009-07-15 15:30:00
openvas
openvas
Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
2009-09-02 00:00:00
Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
2009-09-02 00:00:00
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
2009-07-15 00:00:00
seebug
seebug
Microsoft Windows嵌入式OpenType字体引擎拒绝服务漏洞
2009-09-02 00:00:00
Microsoft Windows嵌入式OpenType字体引擎整数溢出漏洞
2009-07-15 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-029 - Critical Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
2009-07-14 00:00:00
Microsoft Windows Embedded OpenType (EOT) Fonts multiple security vulnerabilities
2010-01-15 00:00:00
[VulnWatch] [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
2006-01-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Workaround for Microsoft Windows Embedded OpenType (EOT) Font Engine Remote Code Execution Vulnerabilities (MS09-029)
2009-07-14 00:00:00
Microsoft Windows Embedded Web Font Handling Buffer Overflow (CVE-2006-0010)
2012-04-16 00:00:00
EOT Files (CVE-2006-0010)
2006-02-12 00:00:00
nessus
nessus
MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
2009-07-14 00:00:00
MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)
2006-01-10 00:00:00
cert
cert
Microsoft embedded web font buffer overflow
2006-01-10 00:00:00
cve
cve
CVE-2006-0010
2006-01-10 22:03:00
CVE-2009-0232
2009-07-15 15:30:00
CVE-2009-0231
2009-07-15 15:30:00

6.3 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.187 Low

EPSS

Percentile

96.2%

JSON
Related for CVE-2009-3020
prion4openvas4seebug2securityvulns6checkpoint_advisories6nessus2cert1cve3