漏洞描述
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Windows中自带的ATMFD Adobe字体驱动处理.OTF文件中的畸形CMAP目录项时存在漏洞,攻击者可将特制的OpenType字体保存在网络共享上,当用户浏览到Windows Explorer中的共享时,将触发受影响的控制路径,从而完全控制受影响的系统。
Microsoft Windows OpenType Font (OTF)驱动程序无效数组远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC sharepoint-lists-api-disclosure: Microsoft SharePoint - List API Disclosure
- POC CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows - Log File Exposure
- POC sharepoint-layouts-disclosure: Microsoft SharePoint - Layouts Disclosure
- POC sharepoint-masterpage-disclosure: Microsoft SharePoint - Master Page Disclosure
- POC sharepoint-site-metadata-disclosure: Microsoft SharePoint - Site Metadata Disclosure
- POC sharepoint-sitepages-disclosure: Microsoft SharePoint - Site Pages Disclosure
- POC CVE-2025-49706: Microsoft SharePoint Server - Authentication Bypass
- Windows PolicyConfiguration 计划任务特权提升漏洞(CVE-2025-60710)
- Windows 11 PolicyConfiguration 计划任务特权提升漏洞(CVE-2025-60710)
- Windows 11 RAiLaunchAdminProcess 管理员保护特权提升漏洞
- (CVE-2025-62522)Vite开发服务器Windows环境下文件泄露漏洞
- (CVE-2025-53770)Microsoft SharePoint Server反序列化漏洞允许远程代码执行
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞