CVE-2016-7256
HIGH KEVMicrosoft Windows 10 1507 - Remote Code Execution
Title source: ruleDescription
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Open Type Font Remote Code Execution Vulnerability."
References (5)
Scores
CVSS v3
8.8
EPSS
0.5648
EPSS Percentile
98.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2022-05-25
VulnCheck KEV
2016-11-08
InTheWild.io
2016-11-08
ENISA EUVD
EUVD-2016-8112
Status
published
Products (12)
microsoft/windows_10_1507
microsoft/windows_10_1511
microsoft/windows_10_1607
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
microsoft/windows_server_2012
microsoft/windows_server_2012
r2
... and 2 more
Published
Nov 10, 2016
KEV Added
May 25, 2022
Tracked Since
Feb 18, 2026