Phishing Tactic Hides Tracks with Custom Fonts

An insidious phishing method evades detection using a never-before-seen technique that leverages custom fonts to cover its tracks. Researchers at Proofpoint recently discovered an active credential harvesting phishing scheme. Once a victim has clicked on the initial phishing email, the resulting...

Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution

No description provided by source. $Id: ms09065eotinteger.rb 7470 2009-11-11 23:48:53Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Opera < 10.54 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 10.54. Such versions are potentially affected by the following issues : - Web fonts may be used to trigger a privilege elevation vulnerability in the Windows operating system MS10-032 954 - It may be possible to use data URIs in a...

Opera may be used as a vector for a font issue in the underlying operating system

A flaw in the font handling on the Windows operating system has been fixed by Microsoft. On unpatched systems, Web fonts may be used to exploit this issue through Opera...

Microsoft Windows EOT Font Table Directory Integer Overflow

$Id: ms09065eotinteger.rb 7470 2009-11-11 23:48:53Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

Opera Multiple Vulnerabilities - Nov09 (Windows)

This host is installed with Opera Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnnov09win.nasl 4869 2016-12-29 11:01:45Z teissa $ Opera Multiple Vulnerabilities - Nov09 Windows Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks...

Opera Multiple Vulnerabilities (Nov 2009) - Windows

Opera Web Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Authentication flaw

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site...

CVE-2009-3832

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site...

CVE-2009-3832

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site...

CVE-2009-3832

Opera for Windows prior to 10.01 is affected by CVE-2009-3832 due to the browser rendering UI using web fonts, allowing a crafted site to spoof the address bar. Root cause: Web fonts used in the UI are not prevented in rendering. Impact is spoofing the address field; exploitation status is not do...

Opera < 10.01 Multiple Vulnerabilities

Binary data 800863.prm...

Opera < 10.01 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 10.01. Such versions are potential affected by multiple issues : - Specially crafted domain names can cause a memory corruption in Opera, which may lead to a crash or possibly remote code execution. 938 - Opera may allow scripts to...

Web fonts can be used to spoof the page address

In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field...

Web fonts can be used to spoof the page address – Opera Security Advisories

In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field...

Microsoft Windows embedded web fonts memory corruption

Memory corruption on parsing web fonts embedded to HTML page. May be used to install trojans, backdoors or another malware to client computer...

Microsoft Security Bulletin MS06-002 Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution &#40;908519&#41;

Microsoft Security Bulletin MS06-002 Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution 908519 Published: January 10, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...

Microsoft embedded web font buffer overflow

Overview A heap-based buffer overflow in the way Microsoft Windows processes embedded web fonts may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows contains a heap-based buffer overflow in a routine that processes embedded w...