CVE-2016-7210

CVE Database · CVE-2016-7210

CVE-2016-7210

· N/AModified

CVSS v3.1

N/A

EPSS

21.12%

Published

Nov 10, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted Open Type font on a web site, aka "Open Type Font Information Disclosure Vulnerability."

Weaknesses (CWE)

CWE-200

Affected Products (12)

microsoft · windows_10vulnerable

microsoft · windows_7vulnerable

microsoft · windows_8.1vulnerable

microsoft · windows_rt_8.1vulnerable

microsoft · windows_server_2008vulnerable

microsoft · windows_server_2012vulnerable

References (10)

http://www.securityfocus.com/archive/1/539734/100/0/threaded

http://www.securityfocus.com/bid/94030