OpenType Font Parsing Vulnerability in Microsoft Windows Products
CVE-2013-3128

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Xp
Windows Server 2008
Windows 7
Windows Rt
Vendor
CVE Published:
9 October 2013

What is CVE-2013-3128?

This vulnerability affects multiple versions of Microsoft Windows and .NET Framework, allowing remote attackers to execute arbitrary code by exploiting a flaw in the processing of OpenType font files. Attackers can craft malicious OTF files that, when opened by a victim's system, could trigger the execution of harmful code with elevated privileges, potentially compromising the affected system. This issue underscores the importance of applying security updates and utilizing protective measures to safeguard against exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.