TrueType Font Parsing Flaw in Microsoft Products
CVE-2013-3129

Currently unrated

Key Information:

Vendor

Microsoft
Status
.net Framework
Silverlight
Visual Studio .net
Lync
Vendor
CVE Published:
10 July 2013

What is CVE-2013-3129?

A vulnerability exists in multiple Microsoft products, including the .NET Framework and Office applications, allowing remote attackers to execute arbitrary code. This occurs via the unsafe parsing of specially crafted TrueType Font (TTF) files. A successful exploitation can lead to unauthorized actions on affected systems, exploiting the rendering features of TTF within various software components.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.