Remote Code Execution Vulnerability in Adobe Type Manager Library on Microsoft Windows
CVE-2015-6104

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows 10
Vendor: CVE Published:; 11 November 2015

What is CVE-2015-6104?

The Adobe Type Manager Library in various Microsoft Windows versions allows attackers to execute arbitrary code through specially crafted embedded fonts. This vulnerability poses significant risks as it enables unauthorized actions by exploiting the way Windows handles font processing. Attackers can leverage this flaw to execute malicious code, potentially compromising the security of affected systems and exposing sensitive data.

References

https://www.exploit-db.com/exploits/38713/

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/134398/Microsoft-Win...

x_refsource_MISC

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 11, 2015
Vulnerability Reserved
Aug 14, 2015