3 matches found
Microsoft Windows OpenType CFF驱动本地权限提升漏洞(MS10-037)
BUGTRAQ ID: 40572 CVE ID: CVE-2010-0819 Windows是微软发布的非常流行的操作系统。 Windows OpenType CFF驱动没有正确地验证用户态传送给内核态的某些数据,如果用户查看了特制CCF字体所渲染的内容,在获得字型轮廓时就会用任意数量的0字节覆盖内核内存,导致内核级权限提升。攻击者必须拥有有效的登录凭据且能够本地登录才可以利用这个漏洞,无法远程或匿名利用。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft...
Microsoft Windows OpenType Compact Font Format Driver Privilege Escalation Vulnerability (980218)
This host is missing an important security update according to Microsoft Bulletin MS10-037. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2010-0819
CVE-2010-0819: Elevation of privilege in the Windows OpenType Compact Font Format (CFF) Driver due to improper validation when copying data from user mode to kernel mode. Affected: Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, and Windows 7. Local attacker with...