Detections
Analytics

MS15-021: Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (3032323)

high Nessus Plugin ID 81736

Language:

Synopsis

The Adobe Font driver on the remote host is affected by multiple vulnerabilities.

Description

The remote Windows host is affected by the following vulnerabilities in the Adobe Font driver :

 - A flaw exists in the Adobe Font Driver due to improper allocation of memory. This allows a remote attacker, using a specially crafted font in a file or website, to cause a denial of service. (CVE-2015-0074)

 - Multiple flaws exist in the Adobe Font Driver that allow a remote attacker, using specially crafted fonts, to obtain sensitive information from kernel memory.
 (CVE-2015-0087, CVE-2015-0089)

 - Multiple flaws exist in the Adobe Font Driver due to improper validation of user-supplied input. A remote attacker can exploit this, using a specially crafted font in a file or website, to execute arbitrary code.
 (CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, CVE-2015-0093)

Solution

Microsoft has released a set of patches for 2003, Vista, 2008, 7, 2008 R2, 8, Windows RT, 2012, 8.1, Windows RT 8.1, and 2012 R2.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-021

Plugin Details

Severity: High

ID: 81736

File Name: smb_nt_ms15-021.nasl

Version: 1.15

Type: local

Agent: windows

Published: 3/10/2015

Updated: 11/22/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/10/2015

Vulnerability Publication Date: 3/10/2015

Reference Information

CVE: CVE-2015-0074, CVE-2015-0087, CVE-2015-0088, CVE-2015-0089, CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, CVE-2015-0093

BID: 72892, 72893, 72896, 72898, 72904, 72905, 72906, 72907

MSFT: MS15-021

MSKB: 3032323