VYPR
Unrated severityNVD Advisory· Published Aug 15, 2015· Updated Jun 17, 2026

CVE-2015-2456

CVE-2015-2456

Description

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2455.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

31
  • cpe:2.3:a:microsoft:live_meeting:2007:*:*:*:*:*:*:*
  • Microsoft/Lync3 versions
    cpe:2.3:a:microsoft:lync:2010:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:lync:2010:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:lync:2010:*:*:*:attendee:*:*:*
    • cpe:2.3:a:microsoft:lync:2013:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:lync_basic:2013:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
  • Microsoft/Office3 versions
    cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
    • (no CPE)range: 2007 SP3, 2010 SP2
  • cpe:2.3:a:microsoft:silverlight:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:silverlight:*:*:*:*:*:*:*:*range: <=5.1.40416.0
    • (no CPE)range: <5.1.40728
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*+ 2 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • Microsoft/Windows2 versions
    cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
    • (no CPE)range: multiple (Vista SP2 through Windows 10)

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.