Secunia
Login
|
|
CVE Reference: CVE-2010-0018 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-0018 |
|
|
Description: Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1023432 SAID Secunia Advisory: SA35457 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8324 OSVDB 61651 MS http://www.microsoft.com/technet/security/Bulletin/MS10-001.mspx MISC http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx CERT http://www.us-cert.gov/cas/techalerts/TA10-012B.html BID 37671 |
|
| Return to the previous page. |
