search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Microsoft Windows TrueType font array indexing vulnerability

Vulnerability Note VU#675073

Original Release Date: 2011-11-08 | Last Revised: 2012-03-28


A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to cause a denial-of-service condition in Microsoft Windows.


The Microsoft Windows kernel includes a driver (win32k.sys) that handles a variety of graphics processing tasks, including the processing of TrueType fonts. A vulnerability exists in the way this driver validates array indexes. This can cause Windows to crash with a "blue screen."


By convincing a user to open a specially-crafted TrueType font file, a remote, unauthenticated attacker could cause a denial-of-service condition.


Apply an update

This issue is addressed in Microsoft Security Bulletin MS11-084.

Vendor Information


Microsoft Corporation Affected

Notified:  June 13, 2011 Updated: November 08, 2011



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group Score Vector
Base 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C
Temporal 6.2 E:ND/RL:OF/RC:C
Environmental 6.2 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND



This vulnerability was reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information

CVE IDs: CVE-2011-2004
Severity Metric: 2.92
Date Public: 2011-11-08
Date First Published: 2011-11-08
Date Last Updated: 2012-03-28 15:04 UTC
Document Revision: 12

Sponsored by CISA.