Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2015-0087 | First vendor Publication | 2015-03-11 |
Vendor | Cve | Last vendor Modification | 2019-05-14 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0087 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:28469 | |||
Oval ID: | oval:org.mitre.oval:def:28469 | ||
Title: | Adobe font driver information disclosure vulnerability - CVE-2015-0087 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0087 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 3 | |
Os | 2 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-07-08 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 34715 - Revision : 2 - Type : OS-WINDOWS |
2015-07-08 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 34714 - Revision : 2 - Type : OS-WINDOWS |
2015-04-10 | Microsoft OpenType font atlmfd.dll uninitialized memory read attempt RuleID : 33733 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Microsoft OpenType font atlmfd.dll uninitialized memory read attempt RuleID : 33732 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt RuleID : 33729 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt RuleID : 33728 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | Microsoft Windows Type 1 font blend operator negative operand code execution ... RuleID : 33725 - Revision : 2 - Type : FILE-OTHER |
2015-04-10 | Microsoft Windows Type 1 font blend operator negative operand code execution ... RuleID : 33724 - Revision : 2 - Type : FILE-OTHER |
2015-04-10 | Type 1 font memory out-of-bounds read attempt RuleID : 33723 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Type 1 font memory out-of-bounds read attempt RuleID : 33722 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 33714 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 33713 - Revision : 3 - Type : OS-WINDOWS |
2015-04-07 | Type one font out of bounds memory access attempt RuleID : 33712 - Revision : 3 - Type : OS-WINDOWS |
2015-04-07 | Type one font out of bounds memory access attempt RuleID : 33711 - Revision : 3 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-03-10 | Name : The Adobe Font driver on the remote host is affected by multiple vulnerabilit... File : smb_nt_ms15-021.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/72893 |
MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15... |
SECTRACK | http://www.securitytracker.com/id/1031889 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:36:02 |
|
2021-04-22 01:43:44 |
|
2020-05-23 00:43:20 |
|
2019-05-15 00:19:05 |
|
2019-05-09 05:19:07 |
|
2018-10-13 05:18:51 |
|
2016-11-29 00:24:59 |
|
2015-10-28 09:23:02 |
|
2015-04-10 21:25:47 |
|
2015-03-18 09:28:30 |
|
2015-03-11 21:23:10 |
|
2015-03-11 17:23:07 |
|