CVE-2011-3402

Severity Score

9.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

Vulnerabilidad no especificada en el motor de análisis de fuentes TrueType de Win32k en el kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 Service Pack 2, R2 y R2 SP1, y Windows 7 Oro y SP1 permite a atacantes remotos ejecutar código arbitrario a través de los datos de la fuente modificada en un documento de Word, como se explotó "in the wild" en noviembre de 2011 por Duqu.

*Credits: N/A

CVSS Scores

NISTv2 9.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-09-09 CVE Reserved
2011-11-04 CVE Published
2024-08-06 CVE Updated
2024-08-13 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (20)

URL	Tag	Source
http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files	X_refsource_misc
http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx	X_refsource_confirm
http://isc.sans.edu/diary/Duqu+Mitigation/11950	X_refsource_misc
http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two	X_refsource_misc
http://www.securitytracker.com/id?1027039	Vdb Entry
http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit	X_refsource_misc
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf	X_refsource_misc
http://www.us-cert.gov/cas/techalerts/TA11-347A.html	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA12-129A.html	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA12-164A.html	Third Party Advisory
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf	Us Government Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13998	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15290	Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15645	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/49121	2023-12-07
http://secunia.com/advisories/49122	2023-12-07
http://technet.microsoft.com/security/advisory/2639658	2023-12-07
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087	2023-12-07
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034	2023-12-07
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039	2023-12-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Windows 7 Search vendor "Microsoft" for product "Windows 7"				-		sp1, x64		Affected
Microsoft Search vendor "Microsoft"		Windows 7 Search vendor "Microsoft" for product "Windows 7"				-		sp1, x86		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003"				*		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				*		sp2, x32		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				*		sp2, x64		Affected
Microsoft Search vendor "Microsoft"		Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008"				-		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Vista Search vendor "Microsoft" for product "Windows Vista"				*		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				*		sp2		Affected
Microsoft Search vendor "Microsoft"		Windows Xp Search vendor "Microsoft" for product "Windows Xp"				*		sp3		Affected