Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds ReadWrite in USP10!AssignGlyphTypes (MS17-011)

Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds ReadWrite in USP10!AssignGlyphTypes MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1023 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!AssignGlyphTypes function, whil...

Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in USP10!MergeLigRecords (MS17-011)

Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in USP10!MergeLigRecords MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1026&desc=2 We have encountered a crash in the Windows Uniscribe user-mode library, in the memcpy function called by...

Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in USP10!otlCacheManager::GlyphsSubstituted (MS17-011)

Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in USP10!otlCacheManager::GlyphsSubstituted MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1025 We have encountered a crash in the Windows Uniscribe user-mode library, in the memset function called by...

Microsoft Windows - Uniscribe Font Processing Heap Buffer Overflow in USP10!ttoGetTableData (MS17-011)

Microsoft Windows - Uniscribe Font Processing Heap Buffer Overflow in USP10!ttoGetTableData MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1027 We have encountered a crash in the Windows Uniscribe user-mode library, in an unnamed function called by USP10!ttoGetTableDat...

Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap Buffer Overflow (MS17-011)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1022 We have encountered a crash in the Windows Uniscribe user-mode library, in the memmove function called by USP10!otlList::insertAt, while trying to display text using a corrupted font file: --- 4b44.24a8: Access violation - cod...

Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Write in USP10!UpdateGlyphFlags (MS17-011)

Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Write in USP10!UpdateGlyphFlags MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1028 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!UpdateGlyphFlags function, while...

Microsoft Windows - Uniscribe Font Processing Buffer Overflow in 'USP10!FillAlternatesList' (MS17-011)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1030 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!FillAlternatesList function, while trying to request a list of alternate glyphs for a specific glyph in a corrupted font file: --- 4bfc.c60:...

Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1025 We have encountered a crash in the Windows Uniscribe user-mode library, in the memset function called by USP10!otlCacheManager::GlyphsSubstituted, while trying to display text using a corrupted font file: --- 449c.6338: Access...

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for DirectShow MS17-020 Security update for...

Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0089)

A remote code execution vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...

Microsoft Windows Uniscribe Information Disclosure (MS17-011: CVE-2017-0121)

An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows Graphics Device Interface handles objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...