Windows : Microsoft Bulletins : Microsoft Font Driver Remote Code Execution Vulnerability (3079904)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.805726

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Font Driver Remote Code Execution Vulnerability (3079904)

Zusammenfassung: This host is missing a critical security; update according to Microsoft Bulletin MS15-078.

Beschreibung: Summary:
This host is missing a critical security
update according to Microsoft Bulletin MS15-078.

Vulnerability Insight:
The flaw is due to the Windows Adobe Type
Manager Library improperly handles specially crafted OpenType fonts.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to execute arbitrary code. Failed exploit attempts will result in
a denial-of-service condition.

Affected Software/OS:
- Microsoft Windows 8 x32/x64

- Microsoft Windows 10 x32/x64

- Microsoft Windows Server 2012/R2

- Microsoft Windows 8.1 x32/x64

- Microsoft Windows 7 x32/x64 Service Pack 1 and prior

- Microsoft Windows Vista x32/x64 Service Pack 2 and prior

- Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

- Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-2426
BugTraq ID: 75951
http://www.securityfocus.com/bid/75951
CERT/CC vulnerability note: VU#103336
http://www.kb.cert.org/vuls/id/103336
https://www.exploit-db.com/exploits/38222/
http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/
Microsoft Security Bulletin: MS15-078
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-078
http://www.securitytracker.com/id/1032991

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.805726
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Font Driver Remote Code Execution Vulnerability (3079904)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS15-078.
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS15-078. Vulnerability Insight: The flaw is due to the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code. Failed exploit attempts will result in a denial-of-service condition. Affected Software/OS: - Microsoft Windows 8 x32/x64 - Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2012/R2 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows 7 x32/x64 Service Pack 1 and prior - Microsoft Windows Vista x32/x64 Service Pack 2 and prior - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2426 BugTraq ID: 75951 http://www.securityfocus.com/bid/75951 CERT/CC vulnerability note: VU#103336 http://www.kb.cert.org/vuls/id/103336 https://www.exploit-db.com/exploits/38222/ http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/ Microsoft Security Bulletin: MS15-078 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-078 http://www.securitytracker.com/id/1032991
Copyright	Copyright (C) 2015 Greenbone AG