7.2
CVE-2007-1213
- EPSS 4%
- Veröffentlicht 04.04.2007 16:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:09
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Updatesp4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4% | 0.892 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-824 Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.
http://www.securityfocus.com/archive/1/466186/100/200/threaded
http://www.vupen.com/english/advisories/2007/1215
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017
http://www.securityfocus.com/bid/23276
http://www.securitytracker.com/id?1017845
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797