CVE-2018-0855
Description
The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka Windows EOT Font Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0761.
Risk Information
Base Score
4.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
12.825
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Windows Scripting Engine Memory Corruption Vulnerability for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre(KB4074587) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 7 for x64-based Systems - Meltdown and Spectre(KB4074587) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 7 for x86-based Systems - Meltdown and Spectre(KB4074587) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 7 for x64-based Systems - Meltdown and Spectre(KB4074598) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre(KB4074598) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 7 for x86-based Systems - Meltdown and Spectre(KB4074598) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-23830 | 2018-02 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre(KB4074587) |
| PATCH-23829 | 2018-02 Security Only Quality Update for Windows 7 for x64-based Systems - Meltdown and Spectre(KB4074587) |
| PATCH-23828 | 2018-02 Security Only Quality Update for Windows 7 for x86-based Systems - Meltdown and Spectre(KB4074587) |
| PATCH-23836 | 2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems - Meltdown and Spectre(KB4074598) |
| PATCH-23837 | 2018-02 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems - Meltdown and Spectre(KB4074598) |
| PATCH-23835 | 2018-02 Security Monthly Quality Rollup for Windows 7 for x86-based Systems - Meltdown and Spectre(KB4074598) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234