Lucene search

K
cvelistMicrosoftCVELIST:CVE-2014-4148
HistoryOct 15, 2014 - 10:00 a.m.

CVE-2014-4148

2014-10-1510:00:00
microsoft
www.cve.org

7.8 High

AI Score

Confidence

Low

0.511 Medium

EPSS

Percentile

97.5%

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted TrueType font, as exploited in the wild in October 2014, aka “TrueType Font Parsing Remote Code Execution Vulnerability.”

7.8 High

AI Score

Confidence

Low

0.511 Medium

EPSS

Percentile

97.5%