SecurityTracker.com
Category:   OS (Microsoft)  >   Windows DLL (Any)
Vendors:   Microsoft
Windows Adobe Type Manager Library Bugs in Processing OpenType Fonts Let Remote Users Deny Service and Execute Arbitrary Code
SecurityTracker Alert ID:  1035198
SecurityTracker URL:  http://securitytracker.com/id/1035198
CVE Reference:   CVE-2016-0120, CVE-2016-0121
Date:  Mar 8 2016
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 8.1, 2012, 2012 R2, RT 8.1, 10; and prior service packs
Description:   Two vulnerabilities were reported in Windows Adobe Type Manager Library. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause the target application or system to crash.

A remote user can create a specially crafted OpenType font file that, when loaded by the target user or application, will execute arbitrary code on the target user's system [CVE-2016-0120]. On Windows 10 systems, the vulnerability will cause the target application to stop responding.

A remote user can create a specially crafted OpenType font file that, when loaded by the target user or application, will execute arbitrary code on the target user's system [CVE-2016-0121]. On Windows 10 systems, the vulnerability will execute code in an AppContainer sandbox context with limited privileges and capabilities.

Mateusz Jurczyk of Google Project Zero reported these vulnerabilities.

Impact:   A remote user can create a font file that, when loaded by the target user or application, will execute arbitrary code on the target user's system or cause the target application or system to stop responding.
Solution:   The vendor has issued a fix.

Windows Vista Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=d282beea-0d6f-4134-9730-694b58cca65f

Windows Vista x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=df92053f-1ebf-4b12-82fb-078ced0d0171

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=efde5e2c-5915-446d-8290-283374591c4c

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=ff20a37a-8e8d-4cf3-ac45-167130b7deb5

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=6f80b7f4-a78e-4d42-85cb-6a64e80afb87

Windows 7 for 32-bit Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=961c2243-af0f-4c92-898a-cb3455a9c8c7

Windows 7 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=14e1cdb4-225d-43c1-853d-5387f47df616

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=18493b90-9ea4-47e2-b9fc-04de28add703

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=92a273f7-506d-471b-b704-8f582ca20036

Windows 8.1 for 32-bit Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=d7d9e77e-4d7f-46b2-a31f-ec24d0ff0568

Windows 8.1 for x64-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=ca4d2a65-86ca-4b0b-8823-fe3b78bfa891

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=e0803c7d-a440-46a0-9f95-c39d6ab13325

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=03e014b0-e318-461b-b469-ecdd257b50b4

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms16-026

Vendor URL:  technet.microsoft.com/library/security/ms16-026
Cause:   Access control error

Message History:   None.


Copyright 2019, SecurityGlobal.net LLC