Skip to main content

Microsoft Windows OpenType Font Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 15 Dec 2010 5504 Views

RISK: Medium Risk

A remote code execution vulnerability exists in the way that the OpenType Font (OTF) driver improperly parses specially crafted OpenType fonts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.