Lucene search
K

105 matches found

Cvelist
Cvelist
added 2017/11/15 3:0 a.m.30 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...

5.4AI score0.02384EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/15 3:0 a.m.28 views

CVE-2017-11832

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

5.4AI score0.02091EPSS
Exploits0References3
CVE
CVE
added 2017/11/15 3:0 a.m.84 views

CVE-2017-11832

CVE-2017-11832/11835 relate to the Microsoft Windows Embedded OpenType (EOT) font engine. Affected products include Windows 7 SP1, Windows Server 2008 SP2/R2 SP1, and Windows Server 2012, where the EOT font engine parses specially crafted embedded fonts leading to information disclosure. The vuln...

4.7CVSS5AI score0.02091EPSS
Exploits0References3Affected Software3
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.151 views

KLA11136 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...

9.3CVSS7.3AI score0.10975EPSS
Exploits11References30
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.41 views

KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information...

9.3CVSS9.2AI score0.47913EPSS
Exploits7References40
Check Point Advisories
Check Point Advisories
added 2017/10/10 12:0 a.m.11 views

Microsoft Windows Graphics Remote Code Execution (CVE-2017-11763)

A remote code execution vulnerability exists in Windows font library. The vulnerability is due to the way Windows font library improperly handles specially crafted embedded fonts. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EOT file...

6.8CVSS9AI score0.17147EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.39 views

Microsoft Windows Embedded OpenType Font Engine LZCOMP Integer Overflow - Ver2 (CVE-2010-0018)

An integer overflow vulnerability has been reported in Microsoft Windows Embedded OpenType Font Engine. The vulnerability is due to insufficient validation while processing an EOT font. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

7.2AI score0.26523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2012/02/14 12:0 a.m.44 views

Microsoft Embedded OpenType EOT Font Integer Overflow (MS10-076; CVE-2010-1883)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an integer overflow in the Microsoft Windows EOT component, when parsing certain tables within specially crafted files and content containing embedded fonts. A remote attacker may exploit thi...

9.3CVSS7.5AI score0.23344EPSS
Exploits1
NVD
NVD
added 2010/10/13 7:0 p.m.30 views

CVE-2010-1883

Integer overflow in the Embedded OpenType EOT Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka...

9.3CVSS7.6AI score0.23344EPSS
Exploits1References3
Prion
Prion
added 2010/10/13 7:0 p.m.26 views

Integer overflow

Integer overflow in the Embedded OpenType EOT Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka...

9.3CVSS8.2AI score0.23344EPSS
Exploits1References3Affected Software3
CVE
CVE
added 2010/10/13 6:0 p.m.78 views

CVE-2010-1883

CVE-2010-1883 describes an integer overflow in the Microsoft Windows Embedded OpenType (EOT) Font Engine that could allow remote code execution. The vulnerability occurs when parsing certain tables in embedded fonts (notably during handling of the hdmx records) and affects multiple Windows produc...

9.3CVSS7.7AI score0.23344EPSS
Exploits1References3Affected Software6
Cvelist
Cvelist
added 2010/10/13 6:0 p.m.44 views

CVE-2010-1883

Integer overflow in the Embedded OpenType EOT Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka...

7.6AI score0.23344EPSS
Exploits1References3
securityvulns
securityvulns
added 2010/10/13 12:0 a.m.80 views

Microsoft Security Bulletin MS10-076 - Critical Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)

Microsoft Security Bulletin MS10-076 - Critical Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution 982132 Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in a Microsof...

9.3CVSS1.4AI score0.23344EPSS
Exploits1
Symantec
Symantec
added 2010/10/12 12:0 a.m.24 views

Microsoft Windows Embedded OpenType Font Engine Integer Overflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType EOT font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attempts may trigger a denial-of-service conditio...

8AI score
Exploits0References1Affected Software11
Check Point Advisories
Check Point Advisories
added 2010/10/12 12:0 a.m.39 views

Workaround for Microsoft Embedded OpenType Font Engine Integer Overflow Vulnerability (MS10-076)

A remote code execution vulnerability has been reported in the way Microsoft Windows Embedded OpenType EOT font technology parses certain tables in specially crafted embedded fonts. Embedded OpenType EOT fonts are a compact form of fonts designed for use on web pages. A remote attacker can exploi...

9.3CVSS7.3AI score0.23344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/05/30 12:0 a.m.30 views

Microsoft Windows Embedded OpenType Font Engine LZCOMP Overflow (MS10-001; CVE-2010-0018)

Embedded OpenType EOT fonts are a compact form of fonts designed for use on web pages. A remote attacker can exploit these vulnerabilities via a specially crafted EOT file. Successful exploitation may allow execution of arbitrary code on a vulnerable system. An integer overflow vulnerability has...

9.3CVSS7.3AI score0.26523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/02/07 12:0 a.m.31 views

Microsoft Windows Embedded OpenType Font Integer Overflow (MS09-029; CVE-2009-0232)

Embedded OpenType EOT fonts are a compact form of OpenType fonts designed by Microsoft for use as embedded fonts on web pages. These files usually use the extension ".eot". The Embedded OpenType EOT Font Engine is a Microsoft Windows component that enables Windows applications, such as Microsoft...

9.3CVSS7.1AI score0.25818EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/02/03 12:0 a.m.66 views

Microsoft Windows Win32k EOT Parsing Integer Overflow (MS09-065; CVE-2009-2514)

Microsoft Windows kernel, the core of the operating system, contains a device driver win32k.sys. This device driver is an important component that controls window displays, receives keyboard and device input, offers functions for graphic output devices, and provides many other valuable services...

9.3CVSS6.8AI score0.47489EPSS
Exploits7
securityvulns
securityvulns
added 2010/01/15 12:0 a.m.55 views

US-CERT Technical Cyber Security Alert TA10-012B -- Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-012B Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected Microsoft Windows and Internet Explorer...

9.3CVSS1.3AI score0.26523EPSS
Exploits0
NVD
NVD
added 2010/01/13 7:30 p.m.32 views

CVE-2010-0018

Integer overflow in the Embedded OpenType EOT Font Engine t2embed.dll in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via...

9.3CVSS7.6AI score0.26523EPSS
Exploits0References9
Rows per page
Query Builder