CVE-2019-1152

Name of the Vulnerable Software and Affected Versions Windows (affected versions not specified)

Description A remote code execution issue exists due to the improper handling of specially crafted embedded fonts by the Windows font library. This could allow an attacker to take control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights. Exploitation can occur through various means, including hosting a specially crafted website or providing a specially crafted document file. The issue is addressed by correcting how the Windows font library handles embedded fonts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.