E20-0z561
CVSS:
7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2020
Description
A memory corruption vulnerability has been reported in Adobe Type Manager component of Microsoft Windows. The vulnerability is due to improper handling of specially crafted BlendDesignPositions array in multiple master Type 1 fonts.
A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted font file.
Successful exploitation could result either in the execution of arbitrary code with SYSTEM or UMFD permissions or denial of service condition.