CVE-2012-0159

Severity

93%

Complexity

86%

Confidentiality

165%

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 12 years ago

2012-05-09 00:55:00

Last updated 6 years ago

2018-10-12 22:02:00

Affected Software

Microsoft Office 2003 Service Pack 3

2003

Microsoft Office 2007 Service Pack 2

2007

Microsoft Office 2007 Service Pack 3

2007

Microsoft Office 2010

2010

Microsoft Office 2010 Service Pack 1

2010

Microsoft Windows 7

Microsoft Windows 7 64-bit Service Pack 1 (initial release)

Microsoft Windows 7 x86 Service Pack 1

Windows 8 Consumer Preview

consumer_preview

Microsoft Windows Server 2008 Service Pack 2

Microsoft Windows Server 2008 R2

r2

Microsoft Windows Server 2008 R2 Service Pack 1

r2

Microsoft Windows Vista Service Pack 2

Microsoft Windows XP Service Pack 2

Microsoft Windows XP Service Pack 3

Microsoft Silverlight 4.0.50401.0

4.0.50401.0

Microsoft Silverlight 4.0.50524.00

4.0.50524.00

Microsoft Silverlight 4.0.50826.0

4.0.50826.0

Microsoft Silverlight 4.0.50917.0

4.0.50917.0

Microsoft Silverlight 4.0.51204.0

4.0.51204.0

Microsoft Silverlight 4.0.60129.0

4.0.60129.0

Microsoft Silverlight 4.0.60310.0

4.0.60310.0

Microsoft Silverlight 4.0.60531.0

4.0.60531.0

Microsoft Silverlight 4.0.60831.0

4.0.60831.0

Microsoft Silverlight 4.1.10111.0

4.1.10111.0

Microsoft Silverlight 5.0.60401.0

5.0.60401.0

Microsoft Silverlight 5.0.60818.0

5.0.60818.0

Microsoft Silverlight 5.0.61118.0

5.0.61118.0

References

49121

49122

53335

1027039

TA12-129A

US Government Resource

TA12-164A

US Government Resource

MS12-034

MS12-039

microsoft-truetype-code-exec(75124)

oval:org.mitre.oval:def:15388

oval:org.mitre.oval:def:15667

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.