Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (3079904)

  Severity: CRITICAL
  CVE Identifier: CVE-2015-2426
  Advisory Date: JUL 21, 2015

  DESCRIPTION

This vulnerability is assigned as CVE-2015-2426 and is described as the following:

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."