CVE-2013-3894
Description
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka TrueType Font CMAP Table Vulnerability.
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
27.036
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows XP (KB2847311) | Windows |
| Security Update for Windows Server 2003 (KB2847311) | Windows |
| Security Update for Windows Vista (KB2847311) | Windows |
| Security Update for Windows Server 2008 (KB2847311) | Windows |
| Security Update for Windows 7 (KB2847311) | Windows |
| Security Update for Windows XP x64 Edition (KB2847311) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2847311) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2847311) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2847311) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2847311) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2847311) | Windows |
| Security Update for Windows 8 (KB2847311) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2847311) | Windows |
| Security Update for Windows Server 2012 (KB2847311) | Windows |
| Security Update for Windows XP (KB2862330) | Windows |
| Security Update for Windows Server 2003 (KB2862330) | Windows |
| Security Update for Windows Vista (KB2862330) | Windows |
| Security Update for Windows Server 2008 (KB2862330) | Windows |
| Security Update for Windows 7 (KB2862330) | Windows |
| Security Update for Windows XP x64 Edition (KB2862330) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2862330) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2862330) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2862330) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2862330) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2862330) | Windows |
| Security Update for Windows 8 (KB2862330) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2862330) | Windows |
| Security Update for Windows Server 2012 (KB2862330) | Windows |
| Security Update for Windows XP (KB2862335) | Windows |
| Security Update for Windows Server 2003 (KB2862335) | Windows |
| Security Update for Windows Vista (KB2862335) | Windows |
| Security Update for Windows Server 2008 (KB2862335) | Windows |
| Security Update for Windows 7 (KB2862335) | Windows |
| Security Update for Windows XP x64 Edition (KB2862335) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2862335) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2862335) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2862335) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2862335) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2862335) | Windows |
| Security Update for Windows 8 (KB2862335) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2862335) | Windows |
| Security Update for Windows Server 2012 (KB2862335) | Windows |
| Security Update for Windows XP (KB2868038) | Windows |
| Security Update for Windows Server 2003 (KB2868038) | Windows |
| Security Update for Windows Vista (KB2868038) | Windows |
| Security Update for Windows Server 2008 (KB2868038) | Windows |
| Security Update for Windows 7 (KB2868038) | Windows |
| Security Update for Windows XP x64 Edition (KB2868038) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2868038) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2868038) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2868038) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2868038) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2868038) | Windows |
| Security Update for Windows 8 (KB2868038) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2868038) | Windows |
| Security Update for Windows Server 2012 (KB2868038) | Windows |
| Security Update for Windows XP (KB2883150) | Windows |
| Security Update for Windows Server 2003 (KB2883150) | Windows |
| Security Update for Windows Vista (KB2883150) | Windows |
| Security Update for Windows Server 2008 (KB2883150) | Windows |
| Security Update for Windows 7 (KB2883150) | Windows |
| Security Update for Windows XP x64 Edition (KB2883150) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2883150) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2883150) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2883150) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2883150) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2883150) | Windows |
| Security Update for Windows 8 (KB2883150) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2883150) | Windows |
| Security Update for Windows Server 2012 (KB2883150) | Windows |
| Security Update for Windows XP (KB2884256) | Windows |
| Security Update for Windows Server 2003 (KB2884256) | Windows |
| Security Update for Windows Vista (KB2884256) | Windows |
| Security Update for Windows Server 2008 (KB2884256) | Windows |
| Security Update for Windows 7 (KB2884256) | Windows |
| Security Update for Windows XP x64 Edition (KB2884256) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB2884256) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2884256) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2884256) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2884256) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2884256) | Windows |
| Security Update for Windows 8 (KB2884256) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2884256) | Windows |
| Security Update for Windows Server 2012 (KB2884256) | Windows |
| Security Update for Windows Vista (KB2855844) | Windows |
| Security Update for Windows Server 2008 (KB2855844) | Windows |
| Security Update for Windows 7 (KB2855844) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2855844) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2855844) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2855844) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2855844) | Windows |
| Security Update for Windows Vista (KB2864202) | Windows |
| Security Update for Windows Server 2008 (KB2864202) | Windows |
| Security Update for Windows 7 (KB2864202) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2864202) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2864202) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2864202) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2864202) | Windows |
| Security Update for Windows 8 (KB2864202) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2864202) | Windows |
| Security Update for Windows Server 2012 (KB2864202) | Windows |
| Security Update for Windows Vista (KB2876284) | Windows |
| Security Update for Windows Server 2008 (KB2876284) | Windows |
| Security Update for Windows 7 (KB2876284) | Windows |
| Security Update for Windows Vista for x64-based Systems (KB2876284) | Windows |
| Security Update for Windows Server 2008 x64 Edition (KB2876284) | Windows |
| Security Update for Windows 7 for x64-based Systems (KB2876284) | Windows |
| Security Update for Windows Server 2008 R2 x64 Edition (KB2876284) | Windows |
| Security Update for Windows 8 (KB2863725) | Windows |
| Security Update for Windows 8 for x64-based Systems (KB2863725) | Windows |
| Security Update for Windows Server 2012 (KB2863725) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-14470 | Security Update for Windows Server 2003 (KB2847311) |
| PATCH-14471 | Security Update for Windows Vista (KB2847311) |
| PATCH-14472 | Security Update for Windows Server 2008 (KB2847311) |
| PATCH-14473 | Security Update for Windows 7 (KB2847311) |
| PATCH-14474 | Security Update for Windows XP x64 Edition (KB2847311) |
| PATCH-14475 | Security Update for Windows Server 2003 x64 Edition (KB2847311) |
| PATCH-14476 | Security Update for Windows Vista for x64-based Systems (KB2847311) |
| PATCH-14477 | Security Update for Windows Server 2008 x64 Edition (KB2847311) |
| PATCH-14478 | Security Update for Windows 7 for x64-based Systems (KB2847311) |
| PATCH-14479 | Security Update for Windows Server 2008 R2 x64 Edition (KB2847311) |
| PATCH-14480 | Security Update for Windows 8 (KB2847311) |
| PATCH-14481 | Security Update for Windows 8 for x64-based Systems (KB2847311) |
| PATCH-14482 | Security Update for Windows Server 2012 (KB2847311) |
| PATCH-14484 | Security Update for Windows Server 2003 (KB2862330) |
| PATCH-14485 | Security Update for Windows Vista (KB2862330) |
| PATCH-14486 | Security Update for Windows Server 2008 (KB2862330) |
| PATCH-14487 | Security Update for Windows 7 (KB2862330) |
| PATCH-14488 | Security Update for Windows XP x64 Edition (KB2862330) |
| PATCH-14489 | Security Update for Windows Server 2003 x64 Edition (KB2862330) |
| PATCH-14490 | Security Update for Windows Vista for x64-based Systems (KB2862330) |
| PATCH-14491 | Security Update for Windows Server 2008 x64 Edition (KB2862330) |
| PATCH-14492 | Security Update for Windows 7 for x64-based Systems (KB2862330) |
| PATCH-14493 | Security Update for Windows Server 2008 R2 x64 Edition (KB2862330) |
| PATCH-14494 | Security Update for Windows 8 (KB2862330) |
| PATCH-14495 | Security Update for Windows 8 for x64-based Systems (KB2862330) |
| PATCH-14496 | Security Update for Windows Server 2012 (KB2862330) |
| PATCH-14498 | Security Update for Windows Server 2003 (KB2862335) |
| PATCH-14499 | Security Update for Windows Vista (KB2862335) |
| PATCH-14500 | Security Update for Windows Server 2008 (KB2862335) |
| PATCH-14501 | Security Update for Windows 7 (KB2862335) |
| PATCH-14502 | Security Update for Windows XP x64 Edition (KB2862335) |
| PATCH-14503 | Security Update for Windows Server 2003 x64 Edition (KB2862335) |
| PATCH-14504 | Security Update for Windows Vista for x64-based Systems (KB2862335) |
| PATCH-14505 | Security Update for Windows Server 2008 x64 Edition (KB2862335) |
| PATCH-14506 | Security Update for Windows 7 for x64-based Systems (KB2862335) |
| PATCH-14507 | Security Update for Windows Server 2008 R2 x64 Edition (KB2862335) |
| PATCH-14508 | Security Update for Windows 8 (KB2862335) |
| PATCH-14509 | Security Update for Windows 8 for x64-based Systems (KB2862335) |
| PATCH-14510 | Security Update for Windows Server 2012 (KB2862335) |
| PATCH-14512 | Security Update for Windows Server 2003 (KB2868038) |
| PATCH-14513 | Security Update for Windows Vista (KB2868038) |
| PATCH-14514 | Security Update for Windows Server 2008 (KB2868038) |
| PATCH-14515 | Security Update for Windows 7 (KB2868038) |
| PATCH-14516 | Security Update for Windows XP x64 Edition (KB2868038) |
| PATCH-14517 | Security Update for Windows Server 2003 x64 Edition (KB2868038) |
| PATCH-14518 | Security Update for Windows Vista for x64-based Systems (KB2868038) |
| PATCH-14519 | Security Update for Windows Server 2008 x64 Edition (KB2868038) |
| PATCH-14520 | Security Update for Windows 7 for x64-based Systems (KB2868038) |
| PATCH-14521 | Security Update for Windows Server 2008 R2 x64 Edition (KB2868038) |
| PATCH-14522 | Security Update for Windows 8 (KB2868038) |
| PATCH-14523 | Security Update for Windows 8 for x64-based Systems (KB2868038) |
| PATCH-14524 | Security Update for Windows Server 2012 (KB2868038) |
| PATCH-14526 | Security Update for Windows Server 2003 (KB2883150) |
| PATCH-14527 | Security Update for Windows Vista (KB2883150) |
| PATCH-14528 | Security Update for Windows Server 2008 (KB2883150) |
| PATCH-14529 | Security Update for Windows 7 (KB2883150) |
| PATCH-14530 | Security Update for Windows XP x64 Edition (KB2883150) |
| PATCH-14531 | Security Update for Windows Server 2003 x64 Edition (KB2883150) |
| PATCH-14532 | Security Update for Windows Vista for x64-based Systems (KB2883150) |
| PATCH-14533 | Security Update for Windows Server 2008 x64 Edition (KB2883150) |
| PATCH-14534 | Security Update for Windows 7 for x64-based Systems (KB2883150) |
| PATCH-14535 | Security Update for Windows Server 2008 R2 x64 Edition (KB2883150) |
| PATCH-14536 | Security Update for Windows 8 (KB2883150) |
| PATCH-14537 | Security Update for Windows 8 for x64-based Systems (KB2883150) |
| PATCH-14538 | Security Update for Windows Server 2012 (KB2883150) |
| PATCH-14540 | Security Update for Windows Server 2003 (KB2884256) |
| PATCH-14541 | Security Update for Windows Vista (KB2884256) |
| PATCH-14542 | Security Update for Windows Server 2008 (KB2884256) |
| PATCH-14543 | Security Update for Windows 7 (KB2884256) |
| PATCH-14544 | Security Update for Windows XP x64 Edition (KB2884256) |
| PATCH-14545 | Security Update for Windows Server 2003 x64 Edition (KB2884256) |
| PATCH-14546 | Security Update for Windows Vista for x64-based Systems (KB2884256) |
| PATCH-14547 | Security Update for Windows Server 2008 x64 Edition (KB2884256) |
| PATCH-14548 | Security Update for Windows 7 for x64-based Systems (KB2884256) |
| PATCH-14549 | Security Update for Windows Server 2008 R2 x64 Edition (KB2884256) |
| PATCH-14550 | Security Update for Windows 8 (KB2884256) |
| PATCH-14551 | Security Update for Windows 8 for x64-based Systems (KB2884256) |
| PATCH-14552 | Security Update for Windows Server 2012 (KB2884256) |
| PATCH-14553 | Security Update for Windows Vista (KB2855844) |
| PATCH-14554 | Security Update for Windows Server 2008 (KB2855844) |
| PATCH-14555 | Security Update for Windows 7 (KB2855844) |
| PATCH-14556 | Security Update for Windows Vista for x64-based Systems (KB2855844) |
| PATCH-14557 | Security Update for Windows Server 2008 x64 Edition (KB2855844) |
| PATCH-14558 | Security Update for Windows 7 for x64-based Systems (KB2855844) |
| PATCH-14559 | Security Update for Windows Server 2008 R2 x64 Edition (KB2855844) |
| PATCH-14611 | Security Update for Windows Vista (KB2864202) |
| PATCH-14612 | Security Update for Windows Server 2008 (KB2864202) |
| PATCH-14613 | Security Update for Windows 7 (KB2864202) |
| PATCH-14614 | Security Update for Windows Vista for x64-based Systems (KB2864202) |
| PATCH-14615 | Security Update for Windows Server 2008 x64 Edition (KB2864202) |
| PATCH-14616 | Security Update for Windows 7 for x64-based Systems (KB2864202) |
| PATCH-14617 | Security Update for Windows Server 2008 R2 x64 Edition (KB2864202) |
| PATCH-14618 | Security Update for Windows 8 (KB2864202) |
| PATCH-14619 | Security Update for Windows 8 for x64-based Systems (KB2864202) |
| PATCH-14620 | Security Update for Windows Server 2012 (KB2864202) |
| PATCH-14621 | Security Update for Windows Vista (KB2876284) |
| PATCH-14622 | Security Update for Windows Server 2008 (KB2876284) |
| PATCH-14623 | Security Update for Windows 7 (KB2876284) |
| PATCH-14624 | Security Update for Windows Vista for x64-based Systems (KB2876284) |
| PATCH-14625 | Security Update for Windows Server 2008 x64 Edition (KB2876284) |
| PATCH-14626 | Security Update for Windows 7 for x64-based Systems (KB2876284) |
| PATCH-14627 | Security Update for Windows Server 2008 R2 x64 Edition (KB2876284) |
| PATCH-14628 | Security Update for Windows 8 (KB2863725) |
| PATCH-14629 | Security Update for Windows 8 for x64-based Systems (KB2863725) |
| PATCH-14630 | Security Update for Windows Server 2012 (KB2863725) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234