فا

‫ Microsoft Windows Adobe Font Driver Multiple Vulnerabilities

ID: IRCAD2015033809
Release Date: 2015-03-10
Criticality level: Highly critical
Software:
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Description:
Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) An error when parsing fonts within the Adobe Font Driver can be exploited to cause a DoS condition.
2) An error when reading or displaying certain fonts within the Adobe Font Driver can be exploited to disclose certain information.
3) Another error when reading or displaying certain fonts within the Adobe Font Driver can be exploited to disclose certain information.
4) An error within the Adobe Font Driver can be exploited to overwrite objects in memory.
5) Another error within the Adobe Font Driver can be exploited to overwrite objects in memory.
6) Another error within the Adobe Font Driver can be exploited to overwrite objects in memory.
7) Another error within the Adobe Font Driver can be exploited to overwrite objects in memory.
8) Another error within the Adobe Font Driver can be exploited to overwrite objects in memory.
Successful exploitation of the vulnerabilities #4 through #8 may allow execution of arbitrary code.
Solution
Apply update.
References:
MS15-021 (KB3032323):
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 3 فروردین 1394

امتیاز

امتیاز شما
تعداد امتیازها: 0