VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 12, 2012· Updated Apr 29, 2026

CVE-2012-2556

CVE-2012-2556

Description

The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability."

Affected products

25
  • Microsoft/Windows Server 20032 versions
    cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows 76 versions
    cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*
  • Microsoft/Windows 82 versions
    cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*
  • Microsoft/Windows Rt
    cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
  • Microsoft/Windows Server 200810 versions
    cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*+ 9 more
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
  • Microsoft/Windows Server 2012
    cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • Microsoft/Windows Vista
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Xp2 versions
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.