Executive Summary

Summary
Title Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
Informations
Name MS10-078 First vendor Publication 2010-10-12
Vendor Microsoft Last vendor Modification 2010-10-12
Severity (Vendor) Important Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (October 12, 2010): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in the Windows OpenType Font (OTF) format driver. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. All supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability. For more information, see the subsection, Affected and Non-Affected Software, in this section.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS10-078.mspx

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6742
 
Oval ID: oval:org.mitre.oval:def:6742
Title: OpenType Font Validation Vulnerability
Description: The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-2741
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7258
 
Oval ID: oval:org.mitre.oval:def:7258
Title: OpenType Font Parsing Vulnerability
Description: The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-2740
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1
Os 1
Os 2

OpenVAS Exploits

Date Description
2010-10-13 Name : OpenType Font (OTF) Format Driver Privilege Elevation Vulnerabilities (2279986)
File : nvt/secpod_ms10-078.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68559 Microsoft Windows OpenType Font Parsing Unspecified Remote Code Execution

Microsoft Windows contains a flaw that may allow a remote attacker to execute arbitrary commands or code. An error in the parsing of OTF (OpenType Font) files can be exploited by loading a properly formatted font and then reload it with specially crafted offset and length fields for the head table of the font. This flaw may allow execution of arbitrary code with kernel privileges.
68558 Microsoft Windows OpenType Malformed Font Validation Remote Code Execution

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue exists in the way that the Windows OpenType Font (OTF) format driver improperly parses specially crafted OpenType fonts, and can result in arbitrary code execution on kernel mode.

Snort® IPS/IDS

Date Description
2014-01-10 OpenType Font file integer overflow attempt
RuleID : 23155 - Revision : 5 - Type : FILE-OTHER
2014-01-10 OpenType Font file integer overflow attempt
RuleID : 23154 - Revision : 5 - Type : FILE-OTHER
2014-01-10 OpenType Font file integer overflow attempt
RuleID : 23153 - Revision : 5 - Type : FILE-OTHER
2014-01-10 OpenType Font file integer overflow attempt
RuleID : 23152 - Revision : 8 - Type : FILE-OTHER
2014-01-10 OpenType Font file parsing buffer overflow attempt
RuleID : 17765 - Revision : 6 - Type : OS-WINDOWS
2014-01-10 OpenType Font file parsing denial of service attempt
RuleID : 17752 - Revision : 11 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2010-10-13 Name : The remote Windows host contains a font driver that allows privilege escalation.
File : smb_nt_ms10-078.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2020-12-12 21:23:44
  • Multiple Updates
2020-12-08 21:24:01
  • Multiple Updates
2020-12-05 21:23:47
  • Multiple Updates
2014-02-17 11:46:43
  • Multiple Updates
2014-01-19 21:30:32
  • Multiple Updates