Uniscribe Font Parsing Engine Memory Corruption Vulnerability

Uniscribe Font Parsing Engine Memory Corruption Vulnerability

CVE-2013-3181 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.