QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-1671

Back to search

CVE-2015-1671

Published: May 13, 2015

Modified: Oct 21, 2025

PUBLISHED

Description

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

MS15-044
vendor-advisory
x_refsource_MS
1032281
vdb-entry
x_refsource_SECTRACK
74490
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now