Vigil@nce - Windows: memory corruption via ATM Font Driver
September 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can generate a memory corruption in ATMFD.DLL of
Windows, in order to trigger a denial of service, and possibly to
run code.
– Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2,
Microsoft Windows 2012, Windows 7, Windows 8, Windows RT, Windows
Vista.
– Severity: 2/4.
– Creation date: 15/07/2015.
DESCRIPTION OF THE VULNERABILITY
The ATMFD.DLL (Adobe Type Manager Font Driver) library is
installed on the system to manage character fonts.
However, a local application using a malicious font corrupts the
ATMFD.DLL memory.
A local attacker can therefore generate a memory corruption in
ATMFD.DLL of Windows, in order to trigger a denial of service, and
possibly to run code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-memory-corruption-via-ATM-Font-Driver-17368