CVE-2016-7210

MEDIUM Year: 2016
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-200
View all →

Vulnerability Description

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site, aka "Open Type Font Information Disclosure Vulnerability."

Related Vulnerabilities

CVE-2008-3474

MEDIUM
CVSS:6.5(Medium)

Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy a...

CWE-2002008

CVE-2008-5083

MEDIUM
CVSS:6.5(Medium)

In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON.

CWE-2002008

CVE-2010-0488

MEDIUM
CVSS:6.5(Medium)

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive infor...

CWE-2002010

CVE-2010-3330

MEDIUM
CVSS:6.5(Medium)

Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a...

CWE-2002010

CVE-2010-3664

MEDIUM
CVSS:6.5(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend.

CWE-2002010

CVE-2010-3917

MEDIUM
CVSS:6.5(Medium)

Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.

CWE-2002010