ID CVE-2015-0092 Type cve Reporter NVD Modified 2018-10-12T18:08:24
Description
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093.
{"id": "CVE-2015-0092", "bulletinFamily": "NVD", "title": "CVE-2015-0092", "description": "Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka \"Adobe Font Driver Remote Code Execution Vulnerability,\" a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093.", "published": "2015-03-11T06:59:18", "modified": "2018-10-12T18:08:24", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0092", "reporter": "NVD", "references": ["http://www.securitytracker.com/id/1031889", "http://www.securityfocus.com/bid/72906", "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-021"], "cvelist": ["CVE-2015-0092"], "type": "cve", "lastseen": "2018-10-13T11:06:56", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:r2:sp1", "cpe:/o:microsoft:windows_server_2012:-:gold", "cpe:/o:microsoft:windows_8:-", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~", "cpe:/o:microsoft:windows_server_2008:-:sp2", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~", "cpe:/o:microsoft:windows_server_2003::sp2", "cpe:/o:microsoft:windows_rt:-:gold", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~", "cpe:/o:microsoft:windows_vista::sp2", "cpe:/o:microsoft:windows_7:-:sp1"], "cvelist": ["CVE-2015-0092"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka \"Adobe Font Driver Remote Code Execution Vulnerability,\" a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093.", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "3559bc8200841a779d02b7d802a0af6bd757566391337205e2edf2b204b01c54", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "8c6832c03f17051039e73f5ea687b844", "key": "title"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "9dd3b1368d99b5bb0c9c5c34e6ea4011", "key": "modified"}, {"hash": "eabf7387b388654d6dbb5b778e02bd3c", "key": "href"}, {"hash": "648222cfdc0fef3b100f1aad7ff9f4b1", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "1782ca785f2f021caddfb34d7e43ebd2", "key": "references"}, {"hash": "f2ddf88d5bc2217e3e3ef2b0d88b5d85", "key": "cpe"}, {"hash": "219cbb99140bbcf0c8c3bcf3fbfd9618", "key": "published"}, {"hash": "1084889736fb0ac404384a5e97f28983", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0092", "id": "CVE-2015-0092", "lastseen": "2017-04-18T15:55:45", "modified": "2017-01-02T21:59:27", "objectVersion": "1.2", "published": "2015-03-11T06:59:18", "references": ["http://www.securitytracker.com/id/1031889", "http://technet.microsoft.com/security/bulletin/MS15-021", "http://www.securityfocus.com/bid/72906"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-0092", "type": "cve", "viewCount": 3}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:55:45"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:r2:sp1", "cpe:/o:microsoft:windows_server_2012:-:gold", "cpe:/o:microsoft:windows_8:-", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~", "cpe:/o:microsoft:windows_server_2008:-:sp2", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~", "cpe:/o:microsoft:windows_server_2003::sp2", "cpe:/o:microsoft:windows_rt:-:gold", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~", "cpe:/o:microsoft:windows_vista::sp2", "cpe:/o:microsoft:windows_7:-:sp1"], "cvelist": ["CVE-2015-0092"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka \"Adobe Font Driver Remote Code Execution Vulnerability,\" a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093.", "edition": 1, "hash": "a1a5e7aef23890063cc8ce4d14ba2dae81df2427bd3013a058c0f37d8066f107", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "8c6832c03f17051039e73f5ea687b844", "key": "title"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "eabf7387b388654d6dbb5b778e02bd3c", "key": "href"}, {"hash": "648222cfdc0fef3b100f1aad7ff9f4b1", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f2ddf88d5bc2217e3e3ef2b0d88b5d85", "key": "cpe"}, {"hash": "c323e19366abfeecf0dc7bbaccdd4b68", "key": "references"}, {"hash": "219cbb99140bbcf0c8c3bcf3fbfd9618", "key": "published"}, {"hash": "1084889736fb0ac404384a5e97f28983", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a96b4c7a9981e1b8c7428102cfae68dd", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0092", "id": "CVE-2015-0092", "lastseen": "2016-09-03T21:49:44", "modified": "2015-10-27T22:18:11", "objectVersion": "1.2", "published": "2015-03-11T06:59:18", "references": ["http://www.securitytracker.com/id/1031889", "http://technet.microsoft.com/security/bulletin/MS15-021"], "reporter": "NVD", "scanner": [], "title": "CVE-2015-0092", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T21:49:44"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "f2ddf88d5bc2217e3e3ef2b0d88b5d85"}, {"key": "cvelist", "hash": "648222cfdc0fef3b100f1aad7ff9f4b1"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "1084889736fb0ac404384a5e97f28983"}, {"key": "href", "hash": "eabf7387b388654d6dbb5b778e02bd3c"}, {"key": "modified", "hash": "5b1652fe39393c6762bcd0016237964f"}, {"key": "published", "hash": "219cbb99140bbcf0c8c3bcf3fbfd9618"}, {"key": "references", "hash": "1aabafc1339828f51448aff0c1ca8613"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "8c6832c03f17051039e73f5ea687b844"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "cf54c6e950b62b265733a65faa945dd191fa819baa12359a7b80466d5b77d7cd", "viewCount": 6, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-72906"]}, {"type": "zdi", "idList": ["ZDI-15-227"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310805052"]}, {"type": "nessus", "idList": ["SMB_NT_MS15-021.NASL"]}, {"type": "kaspersky", "idList": ["KLA10468"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14384"]}], "modified": "2018-10-13T11:06:56"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "cpe": ["cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2008:r2:sp1", "cpe:/o:microsoft:windows_server_2012:-:gold", "cpe:/o:microsoft:windows_8:-", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~", "cpe:/o:microsoft:windows_server_2008:-:sp2", "cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~", "cpe:/o:microsoft:windows_server_2003::sp2", "cpe:/o:microsoft:windows_rt:-:gold", "cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~", "cpe:/o:microsoft:windows_vista::sp2", "cpe:/o:microsoft:windows_7:-:sp1"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"symantec": [{"lastseen": "2018-03-14T22:42:16", "bulletinFamily": "software", "description": "### Description\n\nMicrosoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Avaya CallPilot 4.0 \n * Avaya CallPilot 4.0.1 \n * Avaya CallPilot 5.0 \n * Avaya CallPilot 5.0.1 \n * Avaya CallPilot 5.1.0 \n * Avaya Meeting Exchange - Client Registration Server 5.0 \n * Avaya Meeting Exchange - Client Registration Server 5.0.1 \n * Avaya Meeting Exchange - Client Registration Server 5.2 \n * Avaya Meeting Exchange - Client Registration Server 5.2.1 \n * Avaya Meeting Exchange - Client Registration Server 6.0 \n * Avaya Meeting Exchange - Client Registration Server 6.2 \n * Avaya Meeting Exchange - Recording Server 5.0 \n * Avaya Meeting Exchange - Recording Server 5.0.1 \n * Avaya Meeting Exchange - Recording Server 5.2 \n * Avaya Meeting Exchange - Recording Server 5.2.1 \n * Avaya Meeting Exchange - Recording Server 6.0 \n * Avaya Meeting Exchange - Recording Server 6.2 \n * Avaya Meeting Exchange - Streaming Server 5.0 \n * Avaya Meeting Exchange - Streaming Server 5.0.1 \n * Avaya Meeting Exchange - Streaming Server 5.2 \n * Avaya Meeting Exchange - Streaming Server 5.2.1 \n * Avaya Meeting Exchange - Streaming Server 6.0 \n * Avaya Meeting Exchange - Streaming Server 6.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0.1 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2.1 \n * Avaya Meeting Exchange - Web Conferencing Server 6.0 \n * Avaya Meeting Exchange - Web Conferencing Server 6.2 \n * Avaya Meeting Exchange - Webportal 5.0 \n * Avaya Meeting Exchange - Webportal 5.0.1 \n * Avaya Meeting Exchange - Webportal 5.2 \n * Avaya Meeting Exchange - Webportal 5.2.1 \n * Avaya Meeting Exchange - Webportal 6.0 \n * Avaya Meeting Exchange - Webportal 6.2 \n * Avaya Messaging Application Server 5.0 \n * Avaya Messaging Application Server 5.0.1 \n * Avaya Messaging Application Server 5.2 \n * Avaya Messaging Application Server 5.2.1 \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8 for 32-bit Systems \n * Microsoft Windows 8 for x64-based Systems \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows RT \n * Microsoft Windows Server 2003 Itanium SP2 \n * Microsoft Windows Server 2003 SP2 \n * Microsoft Windows Server 2003 x64 Edition Service Pack 2 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Vista Service Pack 2 \n * Microsoft Windows Vista x64 Edition Service Pack 2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, block access at the network perimeter to computers hosting the vulnerable operating system.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Do not use client software to access unknown or untrusted hosts from critical systems.** \nTo limit the risk of exploits, never connect to unknown or untrusted services.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2015-03-10T00:00:00", "published": "2015-03-10T00:00:00", "id": "SMNTC-72906", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/72906", "type": "symantec", "title": "Microsoft Windows Adobe Font Driver CVE-2015-0092 Remote Code Execution Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdi": [{"lastseen": "2016-11-09T00:17:46", "bulletinFamily": "info", "description": "This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of certain Type 1 fonts. By providing a crafted font, an attacker can cause a negative offset to be used when calculating a heap buffer address. This would allow an attacker to execute arbitrary code as SYSTEM.", "modified": "2015-11-09T00:00:00", "published": "2015-05-15T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-15-227", "id": "ZDI-15-227", "title": "Microsoft Windows Type 1 Font callother Opcode Heap Buffer Underflow Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:23:38", "bulletinFamily": "scanner", "description": "The remote Windows host is affected by the following vulnerabilities in the Adobe Font driver :\n\n - A flaw exists in the Adobe Font Driver due to improper allocation of memory. This allows a remote attacker, using a specially crafted font in a file or website, to cause a denial of service. (CVE-2015-0074)\n\n - Multiple flaws exist in the Adobe Font Driver that allow a remote attacker, using specially crafted fonts, to obtain sensitive information from kernel memory.\n (CVE-2015-0087, CVE-2015-0089)\n\n - Multiple flaws exist in the Adobe Font Driver due to improper validation of user-supplied input. A remote attacker can exploit this, using a specially crafted font in a file or website, to execute arbitrary code.\n (CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, CVE-2015-0093)", "modified": "2018-11-15T00:00:00", "id": "SMB_NT_MS15-021.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81736", "published": "2015-03-10T00:00:00", "title": "MS15-021: Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81736);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2015-0074\",\n \"CVE-2015-0087\",\n \"CVE-2015-0088\",\n \"CVE-2015-0089\",\n \"CVE-2015-0090\",\n \"CVE-2015-0091\",\n \"CVE-2015-0092\",\n \"CVE-2015-0093\"\n );\n script_bugtraq_id(\n 72892,\n 72893,\n 72896,\n 72898,\n 72904,\n 72905,\n 72906,\n 72907\n );\n script_xref(name:\"MSFT\", value:\"MS15-021\");\n script_xref(name:\"MSKB\", value:\"3032323\");\n\n script_name(english:\"MS15-021: Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)\");\n script_summary(english:\"Checks the file version of atmfd.dll.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Adobe Font driver on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is affected by the following vulnerabilities\nin the Adobe Font driver :\n\n - A flaw exists in the Adobe Font Driver due to improper\n allocation of memory. This allows a remote attacker,\n using a specially crafted font in a file or website, to\n cause a denial of service. (CVE-2015-0074)\n\n - Multiple flaws exist in the Adobe Font Driver that allow\n a remote attacker, using specially crafted fonts, to\n obtain sensitive information from kernel memory.\n (CVE-2015-0087, CVE-2015-0089)\n\n - Multiple flaws exist in the Adobe Font Driver due to\n improper validation of user-supplied input. A remote\n attacker can exploit this, using a specially crafted\n font in a file or website, to execute arbitrary code.\n (CVE-2015-0088, CVE-2015-0090, CVE-2015-0091,\n CVE-2015-0092, CVE-2015-0093)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-021\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for 2003, Vista, 2008, 7,\n2008 R2, 8, Windows RT, 2012, 8.1, Windows RT 8.1, and 2012 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS15-021';\nkb = '3032323';\n\nkbs = make_list(kb);\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\nif (hotfix_check_sp_range(win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Some of the 2k3 checks could flag XP 64, which is unsupported\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows XP\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 8.1 / Windows Server 2012 R2\n hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"atmfd.dll\", version:\"5.1.2.241\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 8 / Windows Server 2012\n hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"atmfd.dll\", version:\"5.1.2.241\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 7 and Windows Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"atmfd.dll\", version:\"5.1.2.241\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / Windows 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"atmfd.dll\", version:\"5.1.2.241\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"atmfd.dll\", version:\"5.2.2.241\", dir:\"\\system32\", bulletin:bulletin, kb:kb)\n)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-03-11T08:55:27", "bulletinFamily": "info", "description": "### *Detect date*:\n03/10/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple critical vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information or execute arbitrary code.\n\n### *Affected products*:\nWindows Server 2003 x86, x64, for Itanium-based Systems, Service Pack 2 \nWindows Vista x86, x64 Service Pack 2 \nWindows Server 2008 x86, x64, for Itanium-based Systems Service Pack 2 \nWindows 7 x86, x64 Service Pack 1 \nWindows Server 2008 R2 x64, for Itanium-based Systems Service Pack 1 \nWindows 8 x86, x64 \nWindows 8.1 x86, x64 \nWindows RT, RT 8.1 \nWindows Server 2008 x64 Service Pack 2 (Server Core installation) \nWindows Server 2008 R2 x64 Service Pack 1 (Server Core installation) \nWindows Server 2012 (Server Core installation) \nWindows Server 2012 R2 (Server Core installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[MS advisory](<https://technet.microsoft.com/library/security/MS15-021>) \n[CVE-2015-0074](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0074>) \n[CVE-2015-0090](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0090>) \n[CVE-2015-0091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0091>) \n[CVE-2015-0092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0092>) \n[CVE-2015-0093](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0093>) \n[CVE-2015-0089](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0089>) \n[CVE-2015-0087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0087>) \n[CVE-2015-0088](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0088>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows Vista](<https://threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/>)\n\n### *CVE-IDS*:\n[CVE-2015-0074](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0074>) \n[CVE-2015-0090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0090>) \n[CVE-2015-0091](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0091>) \n[CVE-2015-0092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0092>) \n[CVE-2015-0093](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0093>) \n[CVE-2015-0089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0089>) \n[CVE-2015-0087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0087>) \n[CVE-2015-0088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0088>)\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[3032323](<http://support.microsoft.com/kb/3032323>)", "modified": "2019-03-07T00:00:00", "published": "2015-03-10T00:00:00", "id": "KLA10468", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10468", "title": "\r KLA10468Multiple vulnerabilities in Microsoft products ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-03-13T14:21:52", "bulletinFamily": "scanner", "description": "This host is missing a critical security\n update according to Microsoft Bulletin MS15-021.", "modified": "2019-03-12T00:00:00", "published": "2015-03-11T00:00:00", "id": "OPENVAS:1361412562310805052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805052", "title": "Microsoft Adobe Font Driver Remote Code Execution Vulnerabilities (3032323)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ms15-021.nasl 14117 2019-03-12 14:02:42Z cfischer $\n#\n# Microsoft Adobe Font Driver Remote Code Execution Vulnerabilities (3032323)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805052\");\n script_version(\"$Revision: 14117 $\");\n script_cve_id(\"CVE-2015-0074\", \"CVE-2015-0087\", \"CVE-2015-0088\", \"CVE-2015-0089\",\n \"CVE-2015-0090\", \"CVE-2015-0091\", \"CVE-2015-0092\", \"CVE-2015-0093\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 15:02:42 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-11 08:54:31 +0530 (Wed, 11 Mar 2015)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"Microsoft Adobe Font Driver Remote Code Execution Vulnerabilities (3032323)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft Bulletin MS15-021.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are exists in how the Adobe\n Font Driver manages memory when parsing fonts. The vulnerabilities are caused\n when the Adobe Font Driver improperly overwrites objects in memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code with kernel-mode privileges and take\n complete control of the affected system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 8 x32/x64\n\n Microsoft Windows Server 2012/R2\n\n Microsoft Windows 8.1 x32/x64 Edition\n\n Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior\n\n Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior\n\n Microsoft Windows Vista x32/x64 Edition Service Pack 2 and prior\n\n Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior\n\n Microsoft Windows Server 2008 x32/x64 Edition Service Pack 2 and prior\");\n\n script_tag(name:\"solution\", value:\"Run Windows Update and update the\n listed hotfixes or download and update mentioned hotfixes from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/3032323\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/library/security/MS15-021\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2003:3, win2003x64:3, winVista:3, win7:2, win7x64:2,\n win2008:3, win2008r2:2, win8:1, win8x64:1, win2012:1,\n win2012R2:1, win8_1:1, win8_1x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\nuserVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Atmfd.dll\");\nif(!userVer){\n exit(0);\n}\n\n\nif(hotfix_check_sp(win2003:3, win2003x64:3) > 0)\n{\n if(version_is_less(version:userVer, test_version:\"5.2.2.241\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\n## Win 8.1 and win2012R2\nif(hotfix_check_sp(winVista:3, win2008:3, win7:2, win7x64:2, win2008r2:2, win8:1,\n win8x64:1, win2012:1, win8_1:1, win8_1x64:1, win2012R2:1) > 0)\n{\n if(version_is_less(version:userVer, test_version:\"5.1.2.241\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "description": "Multiple Internet Explorer vulnerabilities, VBScript engine, graphics, HTTP.sys vulnerabilities, privilege escalation, code execution, restrictions bypass, information disclosure, DoS.", "modified": "2015-04-16T00:00:00", "published": "2015-04-16T00:00:00", "id": "SECURITYVULNS:VULN:14384", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14384", "title": "Microsoft Windows multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
