← Back

CVE-2013-3128

nvd nist
Published: Oct 9, 2013Modified: Apr 29, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability."

Affected (10)

Microsoft
5 products
Windows 7
Windows Rt
Windows Server 2003
Windows Server 2008
.net Framework
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Windows 7
All versions
Windows Rt
All versions
Windows Server 2003
All versions
Microsoft
Windows Server 2008
All versions
Windows Server 2008
Version r2 sp1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
.net Framework
Version 3.0 sp2
Configuration C
1 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
.net Framework
Version 3.5
Running on/withPlatform Versions
Microsoft
Windows 8
All versions
Microsoft
Windows 8
All versions
Microsoft
Windows Server 2012
All versions
Configuration D
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
.net Framework
Version 3.5.1
Running on/withPlatform Versions
Microsoft
Windows 7
All versions
Microsoft
Windows Server 2008
Version r2 sp1
Configuration E
1 vulnerable · 4 platform
Vulnerable SoftwareAffected Versions
.net Framework
Version 4.0
Running on/withPlatform Versions
Microsoft
Windows Server 2003
All versions
Microsoft
Windows Server 2003
All versions
Microsoft
Windows Xp
All versions
Microsoft
Windows Xp
All versions
Configuration F
1 vulnerable · 4 platform
Vulnerable SoftwareAffected Versions
.net Framework
Version 4.5
Running on/withPlatform Versions
Microsoft
Windows Server 2008
All versions
Microsoft
Windows Server 2008
All versions
Microsoft
Windows Vista
All versions
Microsoft
Windows Vista
All versions

References (8)

Source: secure@microsoft.com
Third Party AdvisoryUS Government Resource
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.