CVE-2010-0018
published 2010-01-13CVE-2010-0018: Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2…
PriorityP261critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
26.52%
97.8th percentile
Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code via compressed data that represents a crafted EOT font, aka "Microtype Express Compressed Fonts Integer Flaw in the LZCOMP Decompressor Vulnerability."
Detection & IOCsextracted from sources · hover to see the quote
- →Use Nessus Plugin ID 43865 (Credentialed Check) to detect unpatched systems vulnerable to MS10-001 (CVE-2010-0018) via authenticated scanning. ↗
- →The vulnerability is triggered when a user renders fonts on a web page or opens a Microsoft Office document containing embedded fonts — monitor for suspicious EOT font rendering activity in browsers and Office processes. ↗
- →Fingerprint exposed Windows 2000 systems (highest-risk targets, rated Critical) by detecting IIS 5.0 banners using the search string 'Microsoft\/5.0', as IIS 5.0 runs exclusively on Windows 2000. ↗
- ·The vulnerability is rated Critical only on Windows 2000 SP4; all other affected platforms (XP, Server 2003, Vista, Server 2008, Windows 7) are rated Low, meaning exploitation risk is significantly higher on Windows 2000. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Tenable
Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
blogs_tenable·2010-01-14
Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
blogs_tenable·2010-01-14·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
Blog /
Subscribe
# Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
Paul Asadoorian
January 14, 2010
3 Min Read
### Stinky, Aged Operating System?
It’s that time of the month again - Microsoft patch Tuesday of course! This month I expected to research several different vulnerabilities, how they work, methods to detect them, etc. However, Microsoft is only patching one vulnerability this month. I can’t believe there is only one vulnerability this month! In any case, this month's vulnerability occurs in the way applications handle Embedded OpenType fonts. I was a bit puzzled as to why so much effort was going into font rendering until I discovered that it is common for web sites to implement different languages and have them display correctly to the end user (primarily fo
Bugzilla
CVE-2009-1189 dbus: invalid fix for CVE-2008-3834
bugzilla·2009-04-20·CVSS 2.1
CVE-2009-1189 [LOW] CVE-2009-1189 dbus: invalid fix for CVE-2008-3834
CVE-2009-1189 dbus: invalid fix for CVE-2008-3834
It was found that the patch to fix CVE-2008-3834 in dbus was incorrect and as a
result the flaw was never properly fixed (remote denial of service
vulnerability). This issue has been assigned CVE-2009-1189.
The upstream bug report is here:
https://bugs.freedesktop.org/show_bug.cgi?id=17803
Our bug report for CVE-2008-3834 is bug #464674 .
Discussion:
The upstream fix is here:
https://bugs.freedesktop.org/attachment.cgi?id=24436
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2010:0018 https://rhn.redhat.com/errata/RHSA-2010-0018.html
http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspxhttp://osvdb.org/61651http://secunia.com/advisories/35457http://www.securityfocus.com/bid/37671http://www.securitytracker.com/id?1023432http://www.us-cert.gov/cas/techalerts/TA10-012B.htmlhttp://www.vupen.com/english/advisories/2010/0095https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324http://blogs.technet.com/srd/archive/2010/01/12/ms10-001-font-file-decompression-vulnerability.aspxhttp://osvdb.org/61651http://secunia.com/advisories/35457http://www.securityfocus.com/bid/37671http://www.securitytracker.com/id?1023432http://www.us-cert.gov/cas/techalerts/TA10-012B.htmlhttp://www.vupen.com/english/advisories/2010/0095https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-001https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8324
2010-01-13
Published