3 matches found
Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)
This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One so I am also opening a report here. The vulnerability reference numbers are MS15-010 CVE-2015-0059 The original bug report is...
CVE-2015-0059
CVE-2015-0059 is the Windows kernel-mode TrueType font parsing remote code execution vulnerability (win32k.sys) exposed via crafted TTF files. Affects multiple Windows versions including Windows 7, Windows 8/8.1, Windows Server 2008 R2 SP1, Windows Server 2012, and Windows RT/8.1; root cause is i...
Microsoft Windows TrueType Font Parsing Remote Code Execution (MS15-010; CVE-2015-0059)
A remote code execution vulnerability exists in the Windows kernel-mode driver Win32k.sys. The vulnerability is caused when Windows kernel-mode driver improperly handles TrueType fonts. A remote attacker can exploit this issue by enticing a user to open a specially crafted TTF file...