Published: 11/03/2015 Updated: 14/05/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 8.1 -
microsoft windows 8 -
microsoft windows server 2008 r2
microsoft windows rt -
microsoft windows server 2012 -
microsoft windows server 2008 -
microsoft windows server 2003 -
microsoft windows rt 8.1 -
microsoft windows server 2012 r2
microsoft windows 7 -
microsoft windows vista -

Killer ChAraCter HOSES almost all versions of Reader, Windows

The Register • Darren Pauli • 24 Jun 2015

Google Project Zero bod drops 15 remote code execution holes

Get patching: Google Project Zero hacker Mateusz Jurczyk has dropped 15 remote code execution vulnerabilities, including a single devastating hack against Adobe Reader and Windows he reckons beats all exploit defences. The accomplished offensive security researcher (@j00ru) presented findings at the Recon security conference this month under the title One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation [PDF ] without much fanfare ...

CVE-2015-0090

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect