Published: 09/12/2015 Updated: 15/05/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6; Skype for Business 2016; Lync 2010; Lync 2013 SP1; Live Meeting 2007 Console; and Silverlight 5 allows remote malicious users to execute arbitrary code via a crafted embedded font, aka "Graphics Memory Corruption Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office 2010
microsoft live meeting 2007
microsoft lync 2010
microsoft lync 2013
microsoft skype for business 2016
microsoft silverlight 5.0
microsoft word viewer -
microsoft office 2007
microsoft windows rt -
microsoft windows rt 8.1 -
microsoft windows server 2012 -
microsoft windows server 2012 r2
microsoft windows 8 -
microsoft windows server 2008 r2
microsoft windows 7 -
microsoft windows server 2008 -
microsoft windows vista -
microsoft windows 8.1 -
microsoft .net_framework 4.0
microsoft .net_framework 3.0
microsoft .net_framework 4.6
microsoft .net_framework 4.5.1
microsoft .net_framework 4.5
microsoft .net_framework 4.5.2
microsoft .net_framework 3.5.1
microsoft .net_framework 3.5

CWE-119 http://www.securitytracker.com/id/1034336 http://www.securitytracker.com/id/1034333 http://www.securitytracker.com/id/1034332 http://www.securitytracker.com/id/1034331 http://www.securitytracker.com/id/1034330 http://www.securitytracker.com/id/1034329 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128 https://nvd.nist.gov

CVE-2015-6108

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect