CVE-2015-2426

Warning

Exploit

EPSS 91.61%
Published 20.07.2015 18:59:01
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."

Affected products Warnungen 1 Metrics 3 CWE 2 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 Version-

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8 Version-

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1 HwPlatformitanium

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1 HwPlatformx64

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Vista Version- Updatesp2

28.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	91.61%	0.997

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-124 Buffer Underwrite ('Buffer Underflow')

The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.

http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/

Third Party Advisory

Exploit

http://www.kb.cert.org/vuls/id/103336

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/75951

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1032991