Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability
Information
Severity
Severity
Critical
Family
Family
Windows
CVSSv2 Base
CVSSv2 Base
9.3
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Workaround
Created
Created
12 years ago
Modified
Modified
5 years ago
Summary
The host is installed with Microsoft Windows operating system and is prone to pivilege escalation vulnerability. This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902767.
Insight
Insight
The flaw is due to due to an error within the Win32k kernel-mode driver when parsing TrueType fonts.
Affected Software
Affected Software
Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows XP Service Pack 3 and prior Microsoft Windows Vista Service Pack 2 and prior Microsoft Windows Server 2008 Service Pack 2 and prior Microsoft Windows server 2003 Service Pack 2 and prior
Solution
Solution
Apply the workaround.