Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323) |
Informations | |||
---|---|---|---|
Name | MS15-021 | First vendor Publication | 2015-03-10 |
Vendor | Microsoft | Last vendor Modification | 2015-03-10 |
Severity (Vendor) | Critical | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Critical |
Original Source
Url : https://technet.microsoft.com/en-us/library/security/MS15-021 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
62 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
25 % | CWE-200 | Information Exposure |
12 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:28469 | |||
Oval ID: | oval:org.mitre.oval:def:28469 | ||
Title: | Adobe font driver information disclosure vulnerability - CVE-2015-0087 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0087 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28549 | |||
Oval ID: | oval:org.mitre.oval:def:28549 | ||
Title: | Adobe font driver information disclosure vulnerability - CVE-2015-0089 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0087. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0089 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28684 | |||
Oval ID: | oval:org.mitre.oval:def:28684 | ||
Title: | Adobe font driver remote code execution vulnerability - CVE-2015-0091 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0092, and CVE-2015-0093. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0091 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28730 | |||
Oval ID: | oval:org.mitre.oval:def:28730 | ||
Title: | Adobe font driver denial of service vulnerability - CVE-2015-0074 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, which allows remote attackers to cause a denial of service via a crafted (1) web site or (2) file, aka "Adobe Font Driver Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0074 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28738 | |||
Oval ID: | oval:org.mitre.oval:def:28738 | ||
Title: | Adobe font driver remote code execution vulnerability - CVE-2015-0093 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0092. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0093 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28770 | |||
Oval ID: | oval:org.mitre.oval:def:28770 | ||
Title: | Adobe font driver remote code execution vulnerability - CVE-2015-0090 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0090 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28771 | |||
Oval ID: | oval:org.mitre.oval:def:28771 | ||
Title: | Adobe font driver remote code execution vulnerability - CVE-2015-0092 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0092 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28807 | |||
Oval ID: | oval:org.mitre.oval:def:28807 | ||
Title: | Adobe font driver remote code execution vulnerability - CVE-2015-0088 (MS15-021) | ||
Description: | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-0088 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 3 | |
Os | 2 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2015-07-08 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 34715 - Revision : 2 - Type : OS-WINDOWS |
2015-07-08 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 34714 - Revision : 2 - Type : OS-WINDOWS |
2015-04-10 | Microsoft OpenType font atlmfd.dll uninitialized memory read attempt RuleID : 33733 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Microsoft OpenType font atlmfd.dll uninitialized memory read attempt RuleID : 33732 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt RuleID : 33729 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt RuleID : 33728 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | Microsoft Windows Type 1 font blend operator negative operand code execution ... RuleID : 33725 - Revision : 2 - Type : FILE-OTHER |
2015-04-10 | Microsoft Windows Type 1 font blend operator negative operand code execution ... RuleID : 33724 - Revision : 2 - Type : FILE-OTHER |
2015-04-10 | Type 1 font memory out-of-bounds read attempt RuleID : 33723 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Type 1 font memory out-of-bounds read attempt RuleID : 33722 - Revision : 3 - Type : FILE-OTHER |
2015-04-10 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 33714 - Revision : 3 - Type : OS-WINDOWS |
2015-04-10 | Microsoft Windows atlmfd.dll out-of-bounds memory write attempt RuleID : 33713 - Revision : 3 - Type : OS-WINDOWS |
2015-04-07 | Type one font out of bounds memory access attempt RuleID : 33712 - Revision : 3 - Type : OS-WINDOWS |
2015-04-07 | Type one font out of bounds memory access attempt RuleID : 33711 - Revision : 3 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-03-10 | Name : The Adobe Font driver on the remote host is affected by multiple vulnerabilit... File : smb_nt_ms15-021.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-07-08 21:27:02 |
|
2015-04-10 21:25:52 |
|
2015-04-07 21:27:13 |
|
2015-03-11 21:26:28 |
|
2015-03-11 17:26:19 |
|
2015-03-11 13:25:05 |
|
2015-03-10 21:27:52 |
|
2015-03-10 21:17:20 |
|