CVE-2010-0819

Microsoft Windows - Memory Corruption

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users to execute arbitrary code via unknown vectors related to improper validation when copying data from user mode to kernel mode, aka "OpenType CFF Font Driver Memory Corruption Vulnerability."

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/58884
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7072
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40572
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-159B.html

Scores

EPSS 0.0208
EPSS Percentile 79.3%

Details

CWE
CWE-20
Status published
Products (7)
microsoft/windows_2000
microsoft/windows_2003_server (3 CPE variants)
microsoft/windows_7
microsoft/windows_server_2008 (6 CPE variants)
microsoft/windows_server_2008 r2 (2 CPE variants)
microsoft/windows_vista (4 CPE variants)
microsoft/windows_xp (3 CPE variants)
Published Jun 08, 2010
Tracked Since Feb 18, 2026