Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows DirectWrite TrueType字体分析漏洞
Vulnerability Description
Microsoft Windows DirectWrite library是美国微软(Microsoft)公司的一个文本布局和字体渲染API,它支持OpenType字体、GDI和Direct2D技术等。 多款Microsoft产品的Windows DirectWrite库中存在远程执行代码漏洞,该漏洞源于程序无法正确处理TrueType字体。成功利用此漏洞的攻击者可以完全控制受影响的系统。以下产品及版本受到影响:Microsoft Windows,.NET Framework 3.0 SP2版本,3.5版
CVSS Information
N/A
Vulnerability Type
N/A