Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2009-3020
HistoryAug 31, 2009 - 4:30 p.m.

Design/Logic Flaw

2009-08-3116:30:00
PRIOn knowledge base
www.prio-n.com
3

6.6 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.141 Low

EPSS

Percentile

95.5%

JSON

win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service (system crash) by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets (CSS) rule in an HTML document, possibly related to the Embedded OpenType (EOT) Font Engine, a different vulnerability than CVE-2006-0010, CVE-2009-0231, and CVE-2009-0232. NOTE: some of these details are obtained from third party information.

Related

cve 4
securityvulns 6
checkpoint_advisories 6
openvas 4
nessus 2
seebug 2
cert 1
prion 3
cve
cve
CVE-2009-3020
2009-08-31 16:30:00
CVE-2006-0010
2006-01-10 22:03:00
CVE-2009-0232
2009-07-15 15:30:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-029 - Critical Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
2009-07-14 00:00:00
Microsoft Windows Embedded OpenType (EOT) Fonts multiple security vulnerabilities
2010-01-15 00:00:00
[VulnWatch] [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
2006-01-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Workaround for Microsoft Windows Embedded OpenType (EOT) Font Engine Remote Code Execution Vulnerabilities (MS09-029)
2009-07-14 00:00:00
Microsoft Windows Embedded Web Font Handling Buffer Overflow (CVE-2006-0010)
2012-04-16 00:00:00
EOT Files (CVE-2006-0010)
2006-02-12 00:00:00
openvas
openvas
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
2009-07-15 00:00:00
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
2009-07-15 00:00:00
Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
2009-09-02 00:00:00
nessus
nessus
MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
2009-07-14 00:00:00
MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)
2006-01-10 00:00:00
seebug
seebug
Microsoft Windows嵌入式OpenType字体引擎拒绝服务漏洞
2009-09-02 00:00:00
Microsoft Windows嵌入式OpenType字体引擎整数溢出漏洞
2009-07-15 00:00:00
cert
cert
Microsoft embedded web font buffer overflow
2006-01-10 00:00:00
prion
prion
Heap overflow
2006-01-10 22:03:00
Integer overflow
2009-07-15 15:30:00
Heap overflow
2009-07-15 15:30:00

6.6 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.141 Low

EPSS

Percentile

95.5%

JSON
Related for PRION:CVE-2009-3020
cve4securityvulns6checkpoint_advisories6openvas4nessus2seebug2cert1prion3