Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2015-1671

Published: 13/05/2015 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 prior to 5.1.40416.00; and Silverlight 5 Developer Runtime prior to 5.1.40416.00, allows remote malicious users to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft .net framework 4.5.1

microsoft .net framework 4.5.2

microsoft lync 2010

microsoft lync 2013

microsoft .net framework 3.5

microsoft .net framework 3.5.1

microsoft office 2007

microsoft live meeting 2007

microsoft .net framework 4.0

microsoft .net framework 4.5

microsoft .net framework 3.0

microsoft office 2010

microsoft silverlight

Recent Articles

Kaspersky Security Bulletin 2015. Overall statistics for 2015
Securelist • Maria Garnaeva Jornt van der Wiel Denis Makrushin Anton Ivanov Yury Namestnikov • 15 Dec 2015

Download PDF version Download EPUB Download Full Report PDF Download Full Report EPUB In 2015, we saw the use of new techniques for masking exploits, shellcodes and payloads to make detecting infections and analyzing malicious code more difficult. Specifically, cybercriminals: The detection of two families of critical vulnerabilities for Android was one of the more remarkable events of the year. Exploiting Stagefright vulnerabilities enabled an attacker to remotely execute arbitrary code on a...

Read more...
Microsoft security updates May 2015
Securelist • Kurt Baumgartner • 12 May 2015

Microsoft released a set of thirteen Security Bulletins (MS015-043 through MS015-055) to start off May 2015, addressing 46 vulnerabilities in a wide set of Microsoft software technologies. Three of these are rated critical for RCE and the rest of the May 2015 Security Bulletins are rated Important. Two of the critical Bulletins (043 and 044) are especially risky and address critical RCE vulnerabilities across all versions of supported Windows platforms. Most likely, your Windows systems are ru...

Read more...

References

CWE-19http://www.securitytracker.com/id/1032281http://www.securityfocus.com/bid/74490https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-044https://nvd.nist.govhttps://securelist.com/microsoft-security-updates-may-2015/69938/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook