Skip to main content

Microsoft Windows OpenType Font Encoded Character Vulnerability( 09 February 2011 )

Last Update Date: 9 Feb 2011 15:59 Release Date: 9 Feb 2011 6039 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A remote code execution vulnerability exists in the way that the Windows OpenType Compact Font Format (CFF) driver improperly parses specially crafted OpenType fonts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.