Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability

Bugtraq ID: 74485
Class: Design Error
CVE: CVE-2015-1670
Remote: Yes
Local: No
Published: May 12 2015 12:00AM
Updated: Jul 15 2015 12:45AM
Credit: Mateusz Jurczyk of Google Project Zero.
Vulnerable: Microsoft Windows Vista Service Pack 2 0
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for 32-bit Systems SP1
Avaya Messaging Application Server 5.2
Avaya Meeting Exchange - Webportal 0
Avaya CallPilot 5.0
Avaya CallPilot 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus