CVE-2015-6103

Published: Nov 11, 2015Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6104.

Affected (13)

Products: Microsoft: Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Rt, Windows Rt 8.1, Windows Server 2008, Windows Server 2012, Windows Vista

9 products

Windows Server 2008

Windows Server 2012

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 10	All versions
Microsoft Windows 10	Version 1511
Microsoft Windows 7	All versions
Microsoft Windows 8	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	All versions
Microsoft Windows Server 2012	Version r2
Microsoft Windows Vista	All versions

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://packetstormsecurity.com/files/134397/Microsoft-Windows-Kernel-Win32k.sys-TTF-Font-Processing-Buffer-Overflow.html

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034114

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://code.google.com/p/google-security-research/issues/detail?id=506

Source: secure@microsoft.com

ExploitMailing ListThird Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115

Source: secure@microsoft.com

PatchVendor Advisory

https://www.exploit-db.com/exploits/38714/

Source: secure@microsoft.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/134397/Microsoft-Windows-Kernel-Win32k.sys-TTF-Font-Processing-Buffer-Overflow.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034114

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://code.google.com/p/google-security-research/issues/detail?id=506

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.exploit-db.com/exploits/38714/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.