cvelist/2018/0xxx/CVE-2018-0855.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "secure@microsoft.com",
      "DATE_PUBLIC" : "2018-02-13T00:00:00",
      "ID" : "CVE-2018-0855",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Windows Embedded OpenType (EOT) font engine",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "Windows 7 SP1 and Windows Server 2008 R2 SP1"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Microsoft Corporation"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka \"Windows EOT Font Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0761."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Important"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0855",
            "refsource" : "CONFIRM",
            "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0855"
         },
         {
            "name" : "102936",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/102936"
         },
         {
            "name" : "1040374",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1040374"
         }
      ]
   }
}
- Synchronized data. 2017-12-01 14:03:40 -05:00			`{`
			`"CVE_data_meta" : {`
- Added submission from Microsoft from 2018-02-13. 2018-02-14 20:10:11 -05:00			`"ASSIGNER" : "secure@microsoft.com",`
			`"DATE_PUBLIC" : "2018-02-13T00:00:00",`
- Synchronized data. 2017-12-01 14:03:40 -05:00			`"ID" : "CVE-2018-0855",`
- Added submission from Microsoft from 2018-02-13. 2018-02-14 20:10:11 -05:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Windows Embedded OpenType (EOT) font engine",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "Windows 7 SP1 and Windows Server 2008 R2 SP1"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "Microsoft Corporation"`
			`}`
			`]`
			`}`
- Synchronized data. 2017-12-01 14:03:40 -05:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Added submission from Microsoft from 2018-02-13. 2018-02-14 20:10:11 -05:00			`"value" : "The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka \"Windows EOT Font Engine Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0761."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Important"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0855",`
			`"refsource" : "CONFIRM",`
- Added submission from Microsoft from 2018-02-13. 2018-02-14 20:10:11 -05:00			`"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0855"`
- Synchronized data. 2018-02-15 06:04:25 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "102936",`
			`"refsource" : "BID",`
- Synchronized data. 2018-02-15 06:04:25 -05:00			`"url" : "http://www.securityfocus.com/bid/102936"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1040374",`
			`"refsource" : "SECTRACK",`
- Synchronized data. 2018-02-15 06:04:25 -05:00			`"url" : "http://www.securitytracker.com/id/1040374"`
- Synchronized data. 2017-12-01 14:03:40 -05:00			`}`
			`]`
			`}`
			`}`