32 matches found
EUVD-2017-3432
Malware in sbrugna...
EUVD-2018-1570
Malware in sbrugna...
EUVD-2018-1565
Malware in sbrugna...
EUVD-2017-3435
Malware in sbrugna...
Microsoft Windows EOT Font Engine Information Disclosure (CVE-2018-0760)
An information disclosure vulnerability has been reported in the EOT component of Microsoft Windows operating systems. The vulnerability is due to improper handling of objects in the Windows EOT Font Engine. A remote attacker could exploit this vulnerability by enticing a user to open specially...
Microsoft Windows EOT Font Engine Information Disclosure (CVE-2018-0855)
An information disclosure vulnerability exists in the EOT component of Microsoft Windows operating systems. The vulnerability is due to improper handling of objects in the Windows EOT Font Engine. A remote attacker could exploit this vulnerability by enticing a user to open specially crafted...
EUVD-2018-1655
The Microsoft Windows Embedded OpenType EOT font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique fro...
KLA11200 Multiple vulnerabilties in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KB4074589: Windows Server 2012 February 2018 Security Update
The remote Windows host is missing security update 4074589 or cumulative update 4074593. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...
Information disclosure
The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...
CVE-2017-11832
The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...
CVE-2017-11832
The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...
CVE-2017-11835
Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...
KLA11136 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...
KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information...
Integer overflow
Integer overflow in the Embedded OpenType EOT Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka...
CVE-2010-1883
CVE-2010-1883 describes an integer overflow in the Microsoft Windows Embedded OpenType (EOT) Font Engine that could allow remote code execution. The vulnerability occurs when parsing certain tables in embedded fonts (notably during handling of the hdmx records) and affects multiple Windows produc...
CVE-2010-1883
Integer overflow in the Embedded OpenType EOT Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka...
Microsoft Windows Embedded OpenType Font Engine Integer Overflow Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType EOT font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attempts may trigger a denial-of-service conditio...
Integer overflow
Integer overflow in the Embedded OpenType EOT Font Engine t2embed.dll in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via...