cbcvebase.
CVE-2010-0018
published 2010-01-13

CVE-2010-0018: Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2…

PriorityP261critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
26.52%
97.8th percentile
Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability."

Detection & IOCsextracted from sources · hover to see the quote

patht2embed.dll
  • Use Nessus Plugin ID 43865 (Credentialed Check) to detect unpatched systems vulnerable to MS10-001 (CVE-2010-0018) via authenticated scanning.
  • The vulnerability is triggered when a user renders fonts on a web page or opens a Microsoft Office document containing embedded fonts — monitor for suspicious EOT font rendering activity in browsers and Office processes.
  • Fingerprint exposed Windows 2000 systems (highest-risk targets, rated Critical) by detecting IIS 5.0 banners using the search string 'Microsoft\/5.0', as IIS 5.0 runs exclusively on Windows 2000.
  • ·The vulnerability is rated Critical only on Windows 2000 SP4; all other affected platforms (XP, Server 2003, Vista, Server 2008, Windows 7) are rated Low, meaning exploitation risk is significantly higher on Windows 2000.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.