Remote code execution in Windows Graphics Component

Published: 2016-08-10 13:25:33
Severity High
Patch available YES
Number of vulnerabilities 3
CVE ID CVE-2016-3304
CVE-2016-3303
CVE-2016-3301
CVSSv3 8.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
8.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
8.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Vulnerable software Windows
Windows Server
Microsoft Office
Microsoft Word
Skype for Business
Microsoft Lync
Microsoft Live Meeting
Vulnerable software versions Windows Vista
Windows 7
Windows 8.1
Windows RT 8.1
Windows 10
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Microsoft Office 2007
Microsoft Office 2010
Microsoft Word Viewer
Skype for Business 2016
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Live Meeting 2007 Console
Vendor URL Microsoft

Security Advisory

This security bulleting describes three remote code execution vulnerabilities in Windows font library.

1) Remote code execution in Windows Graphics Component

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in Windows font library when handling specially crafted embedded fonts. A remote attacker can create a specially crafted font and execute arbitrary code on the target system with privileges of the current user. The attacker can use a variety of software to deliver malicious font to the target system, including web browsers, emails, office documents.

Successful exploitation of this vulnerability my allow an attacker to run arbitrary code on vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-097.aspx

2) Remote code execution in Windows Graphics Component

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in Windows font library when handling specially crafted embedded fonts. A remote attacker can create a specially crafted font and execute arbitrary code on the target system with privileges of the current user. The attacker can use a variety of software to deliver malicious font to the target system, including web browsers, emails, office documents.

Successful exploitation of this vulnerability my allow an attacker to run arbitrary code on vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-097.aspx

3) Remote code execution in Windows Graphics Component

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in Windows font library when handling specially crafted embedded fonts. A remote attacker can create a specially crafted font and execute arbitrary code on the target system with privileges of the current user. The attacker can use a variety of software to deliver malicious font to the target system, including web browsers, emails, office documents, etc.

Successful exploitation of this vulnerability my allow an attacker to run arbitrary code on vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-097.aspx

Back to List