[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-0159Date: (C)2012-05-08   (M)2024-03-01


Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1027039
SECUNIA-49121
SECUNIA-49122
BID-53335
MS12-034
MS12-039
TA12-129A
TA12-164A
microsoft-truetype-code-exec(75124)
oval:org.mitre.oval:def:15388
oval:org.mitre.oval:def:15667

CPE    28
cpe:/o:microsoft:windows_server_2008:r2
cpe:/a:microsoft:silverlight:4.0.50524.00
cpe:/a:microsoft:silverlight:4.0.50917.0
cpe:/a:microsoft:office:2010:sp1
...
CWE    1
CWE-399
OVAL    6
oval:org.secpod.oval:def:5640
oval:org.secpod.oval:def:6056
oval:org.secpod.oval:def:6054
oval:org.secpod.oval:def:5624
...

© SecPod Technologies