|CVSS SCORE||9.3, (AV:N/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the handling of Type1 fonts in t2k.dll. A file parsing vulnerability can occur by controlling a value placed after the "/Subrs" keyword in the eexec portion of the file which defines a size of an array. An attacker can leverage this to gain code execution under the context of the current user.
Oracle has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Alin Rad Pop