ms10-001: vulnerability in the embedded opentype font engine could allow remote code execution for Windows 7 (KB972270)
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
68.946%
CVE Information
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
8005
Patch Description
Security Update for Windows 7 (KB972270)
References
http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspx
http://osvdb.org/61651
http://secunia.com/advisories/35457
http://www.microsoft.com/technet/security/Bulletin/MS10-001.mspx
http://www.securityfocus.com/bid/37671
http://www.securitytracker.com/id?1023432
http://www.us-cert.gov/cas/techalerts/TA10-012B.html
http://www.vupen.com/english/advisories/2010/0095