CVE-2015-2387

CVSS 7.8 HIGHEPSS 36.7%● KEVCWE-787

In short

A flaw in Windows' font handling system (ATMFD.DLL) allows a local user to run malicious code with higher privileges by opening a specially crafted file. This is dangerous because an attacker with basic access can take complete control of the computer.

Technical detail

Out-of-bounds write vulnerability (CWE-787) in the Adobe Type Manager Font Driver (ATMFD.DLL) across multiple Windows versions. Local attackers can trigger memory corruption by executing a malicious application, achieving privilege escalation from standard user to system level without user interaction beyond running the crafted executable.

Summary generated and translated by AI from the official description.

ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability."

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-077 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-2387 http://www.securityfocus.com/bid/75587 http://www.securitytracker.com/id/1032908 http://www.us-cert.gov/ncas/alerts/TA15-195A