CVE-2007-1213

Microsoft Windows 2000 SP4 - Privilege Escalation

Title source: llm

Description

The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.

Exploits (3)

exploitdb WORKING POC

remotewindows

https://www.exploit-db.com/exploits/3804

View Code ZIP pw:eip

exploitdb WORKING POC

clocalwindows

https://www.exploit-db.com/exploits/3755

View Code ZIP pw:eip

exploitdb WORKING POC

clocalwindows

https://www.exploit-db.com/exploits/3688

View Code ZIP pw:eip

References (6)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/466186/100/200/threaded

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23276

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1017845

[Broken Link] http://www.vupen.com/english/advisories/2007/1215

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017

[Broken Link] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797

Scores

EPSS 0.0174

EPSS Percentile 82.6%

Details

CWE

CWE-824

Status published

Products (1)

microsoft/windows_2000

Published Apr 04, 2007

Tracked Since Feb 18, 2026