Vulnerability Note VU#675073

Microsoft Windows TrueType font array indexing vulnerability

Original Release date: 08 Nov 2011 | Last revised: 28 Mar 2012

Overview

A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to cause a denial-of-service condition in Microsoft Windows.

Description

The Microsoft Windows kernel includes a driver (win32k.sys) that handles a variety of graphics processing tasks, including the processing of TrueType fonts. A vulnerability exists in the way this driver validates array indexes. This can cause Windows to crash with a "blue screen."

Impact

By convincing a user to open a specially-crafted TrueType font file, a remote, unauthenticated attacker could cause a denial-of-service condition.

Solution

Apply an update

This issue is addressed in Microsoft Security Bulletin MS11-084.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected13 Jun 201108 Nov 2011
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C
Temporal 6.2 E:ND/RL:OF/RC:C
Environmental 6.2 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Credit

This vulnerability was reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information

  • CVE IDs: CVE-2011-2004
  • Date Public: 08 Nov 2011
  • Date First Published: 08 Nov 2011
  • Date Last Updated: 28 Mar 2012
  • Severity Metric: 2.92
  • Document Revision: 10

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.