2 matches found
Microsoft Windows Embedded OpenType Font Engine LZCOMP Integer Overflow - Ver2 (CVE-2010-0018)
An integer overflow vulnerability has been reported in Microsoft Windows Embedded OpenType Font Engine. The vulnerability is due to insufficient validation while processing an EOT font. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
CVE-2010-0018
CVE-2010-0018 is an integer overflow in the Windows Embedded OpenType (EOT) Font Engine (t2embed.dll) that could allow remote code execution via specially crafted EOT fonts. The issue occurs when decompressing EOT fonts and affects multiple Windows platforms (including Windows 2000 SP4, XP SP2/SP...