ID CVE-2007-1213
Summary The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 16-10-2018 - 16:37)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2011-05-09T04:01:20.612-04:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Microsoft Windows 2000 SP4 or later is installed
oval oval:org.mitre.oval:def:229
description The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
family windows
id oval:org.mitre.oval:def:1797
status accepted
submitted 2007-04-09T09:49:32
title Font Rasterizer Vulnerability
version 69
refmap via4
bid 23276
hp
  • HPSBST02206
  • SSRT071354
ms MS07-017
sectrack 1017845
vupen ADV-2007-1215
vulnerable_product via4 cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
Last major update 16-10-2018 - 16:37
Published 04-04-2007 - 16:19
Back to Top