Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10578
HistoryMay 12, 2015 - 12:00 a.m.

KLA10578 Multiple vulnerabilities in Microsoft Font Drivers

2015-05-1200:00:00
Kaspersky Lab
threats.kaspersky.com
46

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

0.875 High

EPSS

Percentile

98.7%

JSON

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Improper fonts handling can be exploited remotely via a specially designed web site;
  2. Improper fonts handling can be exploited remotely via a specially designed document or web site.

Original advisories

Microsoft Advisory

CVE-2015-1671

CVE-2015-1670

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Silverlight

Microsoft-Office-Live-Meeting-2007

Microsoft-Lync

Microsoft-Office

Microsoft-Lync-2010-Attendee

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Microsoft-Windows-Server-2003

Windows-RT

CVE list

CVE-2015-1671 critical

CVE-2015-1670 warning

KB list

3045171

2881073

2883029

3051466

3056819

3039779

3048068

3048077

3048074

3051468

3048072

3048073

3048070

3048071

3051467

3057110

3051465

3051464

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

  • Windows Server 2003 x86, x64, Itanium Service Pack 2Windows Vista x86, x64 Service Pack 2Windows Server 2008 x86, x64, Itanium Service Pack 2Windows 7 x86, x64 Service Pack 1Windows Server 2008 R2 x64, Itanium Service Pack 1Windows 8, 8.1 x86, x64Windows Server 2012Windows Server 2012 R2Windows RTWindows RT 8.1Office 2007 Service Pack 3Office 2010 Service Pack 2Live Meeting 2007 ConsoleMicrosoft Lync 2010Microsoft Lync 2010 AttendeeMicrosoft Lync 2013 Service Pack 1Microsoft Lync Basic 2013 Service Pack 1Microsoft Silverlight 5Microsoft Silverlight 5 Developer Runtime

References

Related

mskb 1
nessus 2
openvas 6
symantec 2
cve 2
attackerkb 1
prion 2
cvelist 2
nvd 2
cisa_kev 1
checkpoint_advisories 2
googleprojectzero 2
securityvulns 1
mskb
mskb
MS15-044: Vulnerabilities in Microsoft font drivers could allow remote code execution: May 12, 2015
2020-05-21 04:38:22
nessus
nessus
MS15-044: Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution (3057110)
2015-05-13 00:00:00
Microsoft Silverlight < 5.1.40416.00 Multiple Vulnerabilities (MS15-044 / MS15-049) (Mac OS X)
2015-05-12 00:00:00
openvas
openvas
Microsoft Windows Font Drivers Remote Code Execution Vulnerability (3057110)
2015-05-13 00:00:00
Microsoft .NET Framework Remote Code Execution Vulnerability (3057110)
2015-05-14 00:00:00
Microsoft Lync Attendee Remote Code Execution Vulnerability (3057110)
2015-05-14 00:00:00
symantec
symantec
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-05-12 00:00:00
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-05-12 00:00:00
cve
cve
CVE-2015-1671
2015-05-13 10:59:03
CVE-2015-1670
2015-05-13 10:59:02
attackerkb
attackerkb
CVE-2015-1671
2015-05-13 00:00:00
prion
prion
Spoofing
2015-05-13 10:59:00
Design/Logic Flaw
2015-05-13 10:59:00
cvelist
cvelist
CVE-2015-1671
2015-05-13 10:00:00
CVE-2015-1670
2015-05-13 10:00:00
nvd
nvd
CVE-2015-1670
2015-05-13 10:59:02
CVE-2015-1671
2015-05-13 10:59:03
cisa_kev
cisa_kev
Microsoft Windows Remote Code Execution Vulnerability
2022-05-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows TrueType Font Parsing Remote Code Execution (MS14-058; CVE-2014-4148; CVE-2015-1671)
2014-10-15 00:00:00
Microsoft Windows ATMFD Font Driver Information Disclosure (MS15-021: CVE-2015-0089; CVE-2015-1670)
2015-03-10 00:00:00
googleprojectzero
googleprojectzero
Enabling QR codes in Internet Explorer, or a story of a cross-platform memory disclosure
2015-09-14 00:00:00
One font vulnerability to rule them all #1: Introducing the BLEND vulnerability
2015-07-31 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-05-13 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

0.875 High

EPSS

Percentile

98.7%

JSON
Related for KLA10578
mskb1nessus2openvas6symantec2cve2attackerkb1prion2cvelist2nvd2cisa_kev1checkpoint_advisories2googleprojectzero2securityvulns1