CVE-2011-3402 - Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drive

CVE-2011-3402

Summary

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 28-09-2020 - 12:58)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

msbulletin via4

bulletin_id	MS11-087
bulletin_url
date	2011-12-13T00:00:00
impact	Remote Code Execution
knowledgebase_id	2639417
knowledgebase_url
severity	Critical
title	Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

bulletin_id	MS12-039
bulletin_url
date	2012-06-12T00:00:00
impact	Remote Code Execution
knowledgebase_id	2707956
knowledgebase_url
severity	Important
title	Vulnerabilities in Lync Could Allow Remote Code Execution

bulletin_id	MS12-034
bulletin_url
date	2012-05-08T00:00:00
impact	Remote Code Execution
knowledgebase_id	2681578
knowledgebase_url
severity	Critical
title	Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight

oval via4

accepted

2013-05-06T04:01:13.747-04:00

class

vulnerability

contributors

name Josh Turpin
organization Symantec Corporation
name Josh Turpin
organization Symantec Corporation
name Sharath S
organization SecPod Technologies

definition_extensions

comment Microsoft Windows XP (x86) SP3 is installed
oval oval:org.mitre.oval:def:5631
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442
comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:6124
comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:5594
comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:5653
comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6216
comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6150
comment Microsoft Windows 7 (32-bit) is installed
oval oval:org.mitre.oval:def:6165
comment Microsoft Windows 7 x64 Edition is installed
oval oval:org.mitre.oval:def:5950
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
oval oval:org.mitre.oval:def:5954
comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
oval oval:org.mitre.oval:def:12292
comment Microsoft Windows 7 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12627
comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12567
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
oval oval:org.mitre.oval:def:12583

description

family

windows

oval:org.mitre.oval:def:13998

status

accepted

submitted

2011-11-08T13:00:00

title

Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege

version

accepted

2014-08-18T04:01:12.393-04:00

class

vulnerability

contributors

name SecPod Team
organization SecPod Technologies
name Evgeniy Pavlov
organization ALTX-SOFT

definition_extensions

comment Microsoft Lync 2010 is installed
oval oval:org.mitre.oval:def:15099
comment Microsoft Lync 2010 Attendee (user level install) is installed
oval oval:org.mitre.oval:def:15641
comment Microsoft Lync 2010 Attendee (admin level install) is installed
oval oval:org.mitre.oval:def:15556

description

family

windows

oval:org.mitre.oval:def:15290

status

accepted

submitted

2012-06-18T15:13:15

title

TrueType Font Parsing Vulnerability (CVE-2011-3402)

version

accepted

2015-08-10T04:00:20.036-04:00

class

vulnerability

contributors

name Dragos Prisaca
organization Symantec Corporation
name Josh Turpin
organization Symantec Corporation
name Sergey Artykhov
organization ALTX-SOFT
name Shane Shaffer
organization G2, Inc.
name Sharath S
organization SecPod Technologies
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:6124
comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:5594
comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:5653
comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6216
comment Microsoft Windows 7 (32-bit) is installed
oval oval:org.mitre.oval:def:6165
comment Microsoft Windows 7 x64 Edition is installed
oval oval:org.mitre.oval:def:5950
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
oval oval:org.mitre.oval:def:12292
comment Microsoft Windows 7 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12627
comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12567
comment Microsoft Windows XP (x86) SP3 is installed
oval oval:org.mitre.oval:def:5631
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442
comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:6124
comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:5594
comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:5653
comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6216
comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6150
comment Microsoft Windows 7 (32-bit) is installed
oval oval:org.mitre.oval:def:6165
comment Microsoft Windows 7 x64 Edition is installed
oval oval:org.mitre.oval:def:5950
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
oval oval:org.mitre.oval:def:5954
comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
oval oval:org.mitre.oval:def:12292
comment Microsoft Windows 7 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12627
comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12567
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
oval oval:org.mitre.oval:def:12583
comment Microsoft Windows XP (x86) SP3 is installed
oval oval:org.mitre.oval:def:5631
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442
comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:6124
comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:5594
comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
oval oval:org.mitre.oval:def:5653
comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6216
comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
oval oval:org.mitre.oval:def:6150
comment Microsoft Windows 7 (32-bit) is installed
oval oval:org.mitre.oval:def:6165
comment Microsoft Windows 7 x64 Edition is installed
oval oval:org.mitre.oval:def:5950
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
oval oval:org.mitre.oval:def:5954
comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
oval oval:org.mitre.oval:def:12292
comment Microsoft Windows 7 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12627
comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
oval oval:org.mitre.oval:def:12567
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
oval oval:org.mitre.oval:def:12583
comment Microsoft Windows XP (x86) SP3 is installed
oval oval:org.mitre.oval:def:5631
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442
comment Microsoft Silverlight 4 is installed
oval oval:org.mitre.oval:def:14639
comment Microsoft Silverlight 5 is installed
oval oval:org.mitre.oval:def:15148
comment Microsoft Office 2003 is installed
oval oval:org.mitre.oval:def:233
comment Microsoft Office 2007 is installed
oval oval:org.mitre.oval:def:1211
comment Microsoft Office 2010 is installed
oval oval:org.mitre.oval:def:12061

description

family

windows

oval:org.mitre.oval:def:15645

status

accepted

submitted

2012-05-08T13:00:00

title

TrueType Font Parsing Vulnerability (CVE-2011-3402)

version

112

refmap via4

Last major update

28-09-2020 - 12:58

Published

04-11-2011 - 21:55

Last modified

28-09-2020 - 12:58