Executive Summary

Summary
TitleVulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)
Informations
NameMS15-044First vendor Publication2015-05-12
VendorMicrosoftLast vendor Modification2015-06-23
Severity (Vendor) CriticalRevision2.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V2.1 (June 23, 2015): V2.1 (June 23, 2015): Bulletin revised to announce a detection change in the 3056819 update for Microsoft Silverlight 5. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded TrueType fonts.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS15-044

CWE : Common Weakness Enumeration

%idName
50 %CWE-200Information Exposure
50 %CWE-19Data Handling

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28875
 
Oval ID: oval:org.mitre.oval:def:28875
Title: TrueType font parsing vulnerability - CVE-2015-1671 (MS15-044) (Mac OS X)
Description: The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2015-1671
Version: 4
Platform(s): Apple Mac OS X
Apple Mac OS X Server
Product(s): Microsoft Silverlight 5 for Mac
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28207
 
Oval ID: oval:org.mitre.oval:def:28207
Title: TrueType font parsing vulnerability - CVE-2015-1671 (MS15-044)
Description: The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1671
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft Silverlight 5
Microsoft Lync 2010
Microsoft Lync Basic 2013
Microsoft Lync 2010 Attendee
Microsoft live meeting 2007
Microsoft Office 2007
Microsoft Office 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28362
 
Oval ID: oval:org.mitre.oval:def:28362
Title: OpenType Font parsing vulnerability - CVE-2015-1670 (MS15-044)
Description: The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1670
Version: 4
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7
Application1
Application5
Application3
Application30

Snort® IPS/IDS

DateDescription
2015-06-17Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34441 - Revision : 2 - Type : OS-WINDOWS
2015-06-17Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34440 - Revision : 2 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

DateDescription
2015-05-13Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms15-044.nasl - Type : ACT_GATHER_INFO
2015-05-12Name : A multimedia application framework installed on the remote Mac OS X host is a...
File : macosx_ms15-049.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
DateInformations
2015-06-24 00:29:08
  • Multiple Updates
2015-06-24 00:15:58
  • Multiple Updates
2015-06-17 21:26:36
  • Multiple Updates
2015-05-21 21:31:59
  • Multiple Updates
2015-05-21 21:16:07
  • Multiple Updates
2015-05-15 17:29:25
  • Multiple Updates
2015-05-15 00:28:25
  • Multiple Updates
2015-05-14 13:28:21
  • Multiple Updates
2015-05-13 17:29:39
  • Multiple Updates
2015-05-13 13:28:07
  • Multiple Updates
2015-05-12 21:30:29
  • Multiple Updates
2015-05-12 21:16:29
  • First insertion