MS12-019  MS12-019 - Moderate : Vulnerability in DirectWrite Could Allow Denial of Service (2665364) - Version: 1.0

Version2012-03-13 Severity Rating: Moderate Revision Note: V1.0 (March 13, 2012): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. The target application could become unresponsive when DirectWrite renders the specially crafted sequence of Unicode characters.
Bulletin details at Microsoft.com

Related CVE Entries

CVE-2012-0156

DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service (application hang) via a (1) instant message or (2) web site, aka "DirectWrite Application Denial of Service Vulnerability."
Max CVSS
4.3
EPSS Score
2.63%
Published
2012-03-13
Updated
2023-12-07
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close