Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-76563
HistorySep 08, 2015 - 12:00 a.m.

Microsoft Windows OpenType Fonts CVE-2015-2506 Local Privilege Escalation Vulnerability

2015-09-0800:00:00
Symantec Security Response
www.symantec.com
14

0.006 Low

EPSS

Percentile

76.5%

JSON

Description

Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and execute arbitrary code on affected system. Note: This issue was previously titled ‘Microsoft Windows OpenType Fonts CVE-2015-2506 Denial of Service Vulnerability’. The title has been changed to better reflect security impact and the vulnerability information.

Technologies Affected

  • Avaya Meeting Exchange - Client Registration Server 6.0
  • Avaya Meeting Exchange - Client Registration Server 6.2
  • Avaya Meeting Exchange - Recording Server 6.0
  • Avaya Meeting Exchange - Recording Server 6.2
  • Avaya Meeting Exchange - Streaming Server 6.0
  • Avaya Meeting Exchange - Streaming Server 6.2
  • Avaya Meeting Exchange - Web Conferencing Server 6.0
  • Avaya Meeting Exchange - Web Conferencing Server 6.2
  • Avaya Meeting Exchange - Webportal 6.0
  • Avaya Meeting Exchange - Webportal 6.2
  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 8 for 32-bit Systems
  • Microsoft Windows 8 for x64-based Systems
  • Microsoft Windows 8.1 for 32-bit Systems
  • Microsoft Windows 8.1 for x64-based Systems
  • Microsoft Windows RT 8.1
  • Microsoft Windows RT
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Vista Service Pack 2
  • Microsoft Windows Vista x64 Edition Service Pack 2

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Allow only trusted individuals to have user accounts and local access to the resources.

Updates are available. Please see the references or vendor advisory for more information.

Related

talos 1
prion 1
checkpoint_advisories 1
cvelist 1
cve 1
mskb 1
openvas 1
nessus 1
kaspersky 1
securityvulns 1
talos
talos
Microsoft Windows CDD Font Parsing Kernel Memory Corruption
2015-09-15 00:00:00
prion
prion
Design/Logic Flaw
2015-09-09 00:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows OpenType Font Parsing Denial Of Service (MS15-097: CVE-2015-2506)
2015-09-08 00:00:00
cvelist
cvelist
CVE-2015-2506
2015-09-09 00:00:00
cve
cve
CVE-2015-2506
2015-09-09 00:59:00
mskb
mskb
MS15-097: Vulnerabilities in the Microsoft graphics component could allow remote code execution: September 8, 2015
2015-09-08 00:00:00
openvas
openvas
Microsoft Windows Graphics Component Remote Code Execution Vulnerability (3089656)
2015-09-09 00:00:00
nessus
nessus
MS15-097: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)
2015-09-09 00:00:00
kaspersky
kaspersky
KLA10656 Multiple vulnerabilities in Microsoft Windows
2015-09-08 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-09-15 00:00:00

0.006 Low

EPSS

Percentile

76.5%

JSON
Related for SMNTC-76563
talos1prion1checkpoint_advisories1cvelist1cve1mskb1openvas1nessus1kaspersky1securityvulns1