HomePentest-Tools.com Logo

Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132) CVE-2010-1883

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

This host is missing a critical security update according to Microsoft Bulletin MS10-076.

Risk description

The flaw is due to an integer overflow error in the Embedded OpenType Font Engine when parsing certain tables within specially crafted files and content containing embedded fonts. Successful exploitation could allow remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page or opening a specially crafted email or Office document.

Recommendation

The vendor has released updates. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 13, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available