Heap-based buffer overflow in Microsoft Windows products
CVE-2006-0010

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Nt
Windows Xp
Windows 2003 Server
Windows 2000
Vendor
CVE Published:
10 January 2006

What is CVE-2006-0010?

This vulnerability exists within the T2EMBED.DLL file in various versions of Microsoft Windows, allowing remote attackers to trigger a heap-based buffer overflow via a specially crafted Embedded Open Type (EOT) web font. This can be executed through malicious email messages or compromised web pages, leading to potential arbitrary code execution on the affected systems.

References

http://seclists.org/fulldisclosure/2006/Jan/363
mailing-listx_refsource_FULLDISC
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.js...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/915930
third-party-advisoryx_refsource_CERT-VN

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2006-0010 : Heap-based buffer overflow in Microsoft Windows products