CVE-2015-2426
CVE-2015-2426
In short
A flaw in Windows' font handling allows attackers to crash your computer or run malicious code by sending you a specially crafted font file. This happens because the system doesn't properly check font data boundaries.
Technical detail
Buffer underflow vulnerability in atmfd.dll (Adobe Type Manager Library) allows remote code execution when processing malformed OpenType fonts. The affected Windows versions fail to validate font structure bounds, enabling attackers to write data below allocated buffer memory and execute arbitrary code without user interaction beyond opening the font.
Summary generated and translated by AI from the official description.
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/38222/unverifiedexploitdbwww.exploit-db.com/exploits/38222unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-078https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-2426https://www.exploit-db.com/exploits/38222/http://www.kb.cert.org/vuls/id/103336http://www.securityfocus.com/bid/75951http://www.securitytracker.com/id/1032991