Back to KEVs

CVE-2011-3402

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows...

Basic Information

CVE State
PUBLISHED
Reserved Date
September 09, 2011
Published Date
November 04, 2011
Last Updated
August 06, 2024
Vendor
Microsoft
Product
Windows
Description
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."
Tags
windows

CVSS Scores

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2011-11-04 21:00:00 UTC) Source

References

http://secunia.com/advisories/49121 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15645 http://www.us-cert.gov/cas/techalerts/TA12-164A.html http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files http://www.securitytracker.com/id?1027039 http://secunia.com/advisories/49122 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087 http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf http://www.us-cert.gov/cas/techalerts/TA11-347A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13998 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two http://technet.microsoft.com/security/advisory/2639658 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15290 http://isc.sans.edu/diary/Duqu+Mitigation/11950 http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit http://www.us-cert.gov/cas/techalerts/TA12-129A.html http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx

Known Exploited Vulnerability Information

Source Added Date
CVE 2011-11-04 21:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel