Memory corruption

2015-12-0911:59:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.949 High

EPSS

Percentile

99.2%

JSON

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka “Graphics Memory Corruption Vulnerability.”

CPENameOperatorVersion
live_meetingeq2007
lynceq2010
lynceq2013 sp1
officeeq2007 sp3
officeeq2010 sp2
skype_for_businesseq2016
windows_10eq1511
windows_7eq- sp1
windows_server_2008eqr2 sp1
windows_server_2008eqr2 sp1

Name	Operator	Version
live_meeting	eq	2007
lync	eq	2010
lync	eq	2013 sp1
office	eq	2007 sp3
office	eq	2010 sp2
skype_for_business	eq	2016
windows_10	eq	1511
windows_7	eq	- sp1
windows_server_2008	eq	r2 sp1
windows_server_2008	eq	r2 sp1