Open Type Font Information Disclosure in Microsoft Windows
CVE-2016-7210

6.5MEDIUM

Key Information:

Vendor

Microsoft
Status
Windows Rt 8.1
Windows Server 2012
Windows 7
Windows 10
Vendor
CVE Published:
10 November 2016

What is CVE-2016-7210?

The atmfd.dll component in various Microsoft Windows versions is susceptible to an information disclosure vulnerability through crafted Open Type fonts. Attackers can exploit this flaw to gain access to sensitive information residing in process memory when users visit a compromised web page. This vulnerability underscores the need for timely updates and security practices to safeguard systems against potential data breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1037243
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/94030
vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

35% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.