Remote code execution vulnerability in Microsoft Windows and Microsoft Products - CVE-2016-3301ID: oval:org.secpod.oval:def:36736 | Date: (C)2016-08-10 (M)2024-05-03 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows Vista, 7, 8.1, 10, Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 Microsoft Lync 2010, Microsoft Skype For business 2016, Microsoft Skype For Business Basic 2016, Microsoft Lync Basic 2013, Microsoft Lync 2010 Attendee, Microsoft live meeting 2007, Microsoft Live Meeting 2007 Add-In, Microsoft Office 2007, Microsoft Office 2010 or Word Viewer and is prone to a remote code execution vulnerability. A flaw is present in the Windows font library, which improperly handles specially crafted embedded fonts. Successful exploitation of this vulnerability could allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights.
Platform: |
Microsoft Windows Server 2019 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2012 R2 |
Product: |
Microsoft Lync 2010 |
Microsoft Lync Basic 2013 |
Microsoft Lync 2010 Attendee |
Microsoft live meeting 2007 |
Microsoft Live Meeting 2007 Add-In |
Microsoft Office 2007 |
Microsoft Office 2010 |
Microsoft Word Viewer |
Microsoft Skype For Business 2016 |
Microsoft Skype For Business Basic 2016 |