Vulnerability Details : CVE-2007-1213
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
Exploit prediction scoring system (EPSS) score for CVE-2007-1213
Probability of exploitation activity in the next 30 days: 0.54%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-1213
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2007-1213
-
The product accesses or uses a pointer that has not been initialized.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-1213
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797
404 Not FoundBroken Link
-
http://www.vupen.com/english/advisories/2007/1215
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017
Microsoft Security Bulletin MS07-017 - Critical | Microsoft LearnPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/23276
Broken Link;Third Party Advisory;VDB Entry
-
http://www.securitytracker.com/id?1017845
Broken Link;Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/466186/100/200/threaded
Broken Link;Third Party Advisory;VDB Entry
Products affected by CVE-2007-1213
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*