Executive Summary
Summary | |
---|---|
Title | Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities |
Informations | |||
---|---|---|---|
Name | TA10-012B | First vendor Publication | 2010-01-12 |
Vendor | US-CERT | Last vendor Modification | 2010-01-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft has released updates to address a vulnerability in the Windows Embedded Open Type (EOT) font engine. Microsoft has also published an Advisory about multiple vulnerabilities in Adobe I. Description Microsoft Security Bulletin MS10-001 describes a vulnerability in the Embedded Open Type (EOT) font engine in Windows. Microsoft Security Advisory (979267) recommends that Windows XP users remove or upgrade Adobe Flash Player 6 (formerly Macromedia Flash Player) These vulnerabilities could be exploited by loading specially crafted fonts or Flash content via Internet Explorer. Microsoft assigns the EOT font vulnerability a "low" severity rating in most current versions of Windows and notes that reliable code execution is unlikely. The severity rating for Windows 2000, however, is "critical." II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft Security Bulletin MS10-001 provides updates for the EOT font vulnerability. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Upgrade, Remove, or Disable Adobe Flash Player 6 Adobe Flash Player 6 is included with Windows XP. Adobe has addresssed these vulnerabilities in newer versions of Flash Player. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA10-012B.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:8324 | |||
Oval ID: | oval:org.mitre.oval:def:8324 | ||
Title: | Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability | ||
Description: | Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0018 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-01-13 | Name : Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities... File : nvt/secpod_ms10-001.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
61651 | Microsoft Windows Embedded OpenType Font Engine LZCOMP Decompressor Font Hand... Microsoft Windows is prone to an overflow condition. The Embedded Open Type font engine (OET) fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted font file, a remote attacker can potentially cause arbitrary code execution. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-18 | Microsoft Windows embedded OpenType font engine LZX decompression buffer over... RuleID : 29014 - Revision : 4 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows embedded OpenType font engine LZX decompression buffer over... RuleID : 16366 - Revision : 13 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-01-12 | Name : It is possible to execute arbitrary code on the remote Windows host using the... File : smb_nt_ms10-001.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-05-11 00:53:46 |
|