cve/2015/CVE-2015-2426.md

CVE-2015-2426

Description

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."

POC

Reference

• http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/
• https://www.exploit-db.com/exploits/38222/

Github

• https://github.com/1o24er/Python-
• https://github.com/ARPSyndicate/cvemon
• https://github.com/ByteHackr/WindowsExploitation
• https://github.com/Cherishao/Security-box
• https://github.com/HiJackJTR/github_arsenal
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/SSlvtao/CTF
• https://github.com/Vxer-Lee/Hack_Tools
• https://github.com/ZiDuNet/Note
• https://github.com/birdhan/SecurityTools
• https://github.com/blacksunwen/Python-tools
• https://github.com/cream-sec/pentest-tools
• https://github.com/githuberxu/Security-Resources
• https://github.com/googleprojectzero/BrokenType
• https://github.com/hackerso007/Sec-Box-master
• https://github.com/hackstoic/hacker-tools-projects
• https://github.com/hantiger/-
• https://github.com/jay900323/SecurityTools
• https://github.com/jerryxk/Sec-Box
• https://github.com/nitishbadole/oscp-note-2
• https://github.com/paulveillard/cybersecurity-windows-exploitation
• https://github.com/r3p3r/nixawk-awesome-windows-exploitation
• https://github.com/ralex1975/HT-windows-kernel-lpe
• https://github.com/rhamaa/Binary-exploit-writeups
• https://github.com/rmsbpro/rmsbpro
• https://github.com/sathwikch/windows-exploitation
• https://github.com/scuechjr/Sec-Box
• https://github.com/sunu11/Sec-Box
• https://github.com/vlad902/hacking-team-windows-kernel-lpe
• https://github.com/yige666/web-