CVE-2018-0788Corporation Windows Adobe Type Manager Font Driver vulnerability

5 documents4 sources
Severity
7.0HIGHNVD
EPSS
1.1%
top 21.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Microsoft Corporation Windows Adobe Type Manager Font DriverMicrosoft Windows Server 2008Microsoft Windows Server 2012+11 more
Timeline
PublishedJan 4
Latest updateMay 13

Description

The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 and R2 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages13 packages

CVEListV5microsoft_corporation/windows_adobe_type_manager_font_driverWindows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 and R2

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-6m74-gf29-77gx: The Windows Adobe Type Manager Font Driver (Atmfd2022-05-13

📋Vendor Advisories

1
Microsoft
OpenType Font Driver Elevation of Privilege Vulnerability2018-01-09

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - January 20182018-01-09
Talos
Microsoft Patch Tuesday - January 20182018-01-09