VYPR
← All advisories
Medium severity6.5NVD Advisory· Published Nov 10, 2016· Updated May 6, 2026

CVE-2016-7210

CVE-2016-7210

Description

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site, aka "Open Type Font Information Disclosure Vulnerability."

Affected products

12
  • Microsoft/Windows 103 versions
    cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
  • Microsoft/Windows 7
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
  • Microsoft/Windows 8.1
    cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
  • Microsoft/Windows Rt 8.1
    cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
  • Microsoft/Windows Server 20082 versions
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Server 20122 versions
    cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • Microsoft/Windows Server 2016
    cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  • Microsoft/Windows Vista
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.