Heap-based overflow vulnerability in Microsoft Windows Journal via crafted .jnt files - MS15-114ID: oval:org.secpod.oval:def:30965 | Date: (C)2015-11-11 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS15-114. The update is required to fix a heap-based overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted jnt files. Successful exploitation allows attackers to execute an arbitrary code in the context of the current user.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |