search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Microsoft Windows TrueType font array indexing vulnerability

Vulnerability Note VU#675073

Original Release Date: 2011-11-08 | Last Revised: 2012-03-28


A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to cause a denial-of-service condition in Microsoft Windows.


The Microsoft Windows kernel includes a driver (win32k.sys) that handles a variety of graphics processing tasks, including the processing of TrueType fonts. A vulnerability exists in the way this driver validates array indexes. This can cause Windows to crash with a "blue screen."


By convincing a user to open a specially-crafted TrueType font file, a remote, unauthenticated attacker could cause a denial-of-service condition.


Apply an update

This issue is addressed in Microsoft Security Bulletin MS11-084.

Vendor Information


Microsoft Corporation Affected

Notified:  June 13, 2011 Updated: November 08, 2011



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group Score Vector
Base 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C
Temporal 6.2 E:ND/RL:OF/RC:C
Environmental 6.2 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND



This vulnerability was reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information

CVE IDs: CVE-2011-2004
Severity Metric: 2.92
Date Public: 2011-11-08
Date First Published: 2011-11-08
Date Last Updated: 2012-03-28 15:04 UTC
Document Revision: 12

Sponsored by CISA.