OneType font parsing vulnerability in Windows Adobe Type Manager library - CVE-2015-2460| ID: oval:org.secpod.oval:def:25853 | Date: (C)2015-08-14 (M)2021-09-11 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8, Server 2012, Windows 8.1, Server 2012 R2, .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 or 4.6 and is prone to an Onetype font parsing vulnerability. A flaw is present in the application, which fails to handle a crafted OpenType fonts. Successful exploitation could allow attackers to take complete control of the affected system.
| Platform: |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Microsoft Windows 7 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Product: |
| Microsoft .NET Framework 4.5 |
| Microsoft .NET Framework 4.5 SP1 |
| Microsoft .NET Framework 4.5 SP2 |
| Microsoft .NET Framework 4.6 |
| Microsoft .NET Framework 3.0 |
| Microsoft .NET Framework 3.5.1 |
| Microsoft .NET Framework 4.0 |
