Microsoft Windows OpenType Compact Font Format Memory Corruption Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	06/08/2010
Severity:	High
Operating Systems Affected:	Microsoft Windows 2000 Service Pack 4 Windows XP SP 2 Windows XP SP 3 Windows XP Professional x64 Edition SP 2 Windows Server 2003 SP 2 Windows Server 2003 x64 Edition SP 2 Windows Server 2003 SP2 for Itanium-based Systems Windows Vista SP 1 Windows Vista SP 2 Windows Vista x64 Edition SP 1 Windows Vista x64 Edition SP 2 Windows Server 2008 for 32-bit Systems Windows Server 2008 for 32-bit Systems SP 2 Windows Server 2008 for x64-based Systems Windows Server 2008 for x64-based Systems SP 2 Windows Server 2008 for Itanium-based Systems Windows Server 2008 for Itanium-based Systems SP 2 Microsoft Windows 7 for 32-bit Systems Microsoft Windows 7 for x64-based Systems Microsoft Windows Server 2008 R2 for x64-based Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems
Identifiers:	CVE-2010-0819

Synopsis

Microsoft Windows OpenType Compact Font Format (CFF) driver is prone to memory corruption vulnerability which could be exploited by an attacker to execute arbitrary code on the affected system.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/MS10-037.mspx

Threat Analysis

A memory corruption vulnerability exists in Microsoft Windows OpenType Compact Font Format (CFF) driver. The issue is due to improper validation of certain data passed from user mode to kernel mode.

A remote attacker could exploit the vulnerability to execute arbitrary code in kernel mode. Successful exploitation of the vulnerability could allow an attacker to install programs, view, change, or delete data or create new accounts with full user rights.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0819

Write-up by: Anupam Kumar