Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows OpenType CFF驱动本地权限提升漏洞
Vulnerability Description
Windows是微软发布的非常流行的操作系统。 Windows OpenType CFF驱动没有正确地验证用户态传送给内核态的某些数据,如果用户查看了特制CCF字体所渲染的内容,在获得字型轮廓时就会用任意数量的0字节覆盖内核内存,导致内核级权限提升。攻击者必须拥有有效的登录凭据且能够本地登录才可以利用这个漏洞,无法远程或匿名利用。
CVSS Information
N/A
Vulnerability Type
N/A