Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiRiusksk of VulWar CorpZDI-19-1004
HistoryDec 11, 2019 - 12:00 a.m.

Microsoft Windows Font Subsetting Library Out-Of-Bounds Write Remote Code Execution Vulnerability

2019-12-1100:00:00
riusksk of VulWar Corp
www.zerodayinitiative.com
25

EPSS

0.056

Percentile

93.4%

JSON

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the font subsetting library. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

Related

prion 1
mscve 1
cve 1
cvelist 1
symantec 1
nvd 1
krebs 1
googleprojectzero 1
qualysblog 1
mskb 14
threatpost 1
nessus 10
openvas 8
kaspersky 3
talosblog 1
prion
prion
Remote code execution
2019-12-10 22:15:00
mscve
mscve
Win32k Graphics Remote Code Execution Vulnerability
2019-12-10 08:00:00
cve
cve
CVE-2019-1468
2019-12-10 22:15:16
cvelist
cvelist
CVE-2019-1468
2019-12-10 21:41:00
symantec
symantec
Microsoft Windows Win32k Graphics CVE-2019-1468 Remote Code Execution Vulnerability
2019-12-10 00:00:00
nvd
nvd
CVE-2019-1468
2019-12-10 22:15:16
krebs
krebs
Patch Tuesday, December 2019 Edition
2019-12-11 01:51:25
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
qualysblog
qualysblog
December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns
2019-12-10 19:04:23
mskb
mskb
December 10, 2019—KB4530730 (Security-only update)
2019-12-10 08:00:00
December 10, 2019—KB4530698 (Security-only update)
2019-12-10 08:00:00
December 10, 2019—KB4530719 (Security-only update)
2019-12-10 08:00:00
threatpost
threatpost
Microsoft Zaps Actively Exploited Zero-Day Bug
2019-12-10 21:21:24
nessus
nessus
KB4530730: Windows 8.1 and Windows Server 2012 R2 December 2019 Security Update
2019-12-10 00:00:00
KB4530698: Windows Server 2012 December 2019 Security Update
2019-12-10 00:00:00
KB4530719: Windows Server 2008 December 2019 Security Update
2019-12-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4530702)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530681)
2019-12-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4530714)
2019-12-11 00:00:00
kaspersky
kaspersky
KLA11862 Multiple vulnerabilities in Microsoft Products (ESU)
2019-12-10 00:00:00
KLA11616 Multiple vulnerabilities in Microsoft Windows
2019-12-11 00:00:00
KLA11868 Multiple vulnerabilities in Microsoft Windows
2019-12-10 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
2019-12-10 10:41:37

EPSS

0.056

Percentile

93.4%

JSON
Related for ZDI-19-1004
prion1mscve1cve1cvelist1symantec1nvd1krebs1googleprojectzero1qualysblog1mskb14threatpost1nessus10openvas8kaspersky3talosblog1