search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Microsoft Windows TrueType font array indexing vulnerability

Vulnerability Note VU#675073

Original Release Date: 2011-11-08 | Last Revised: 2012-03-28

Overview

A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to cause a denial-of-service condition in Microsoft Windows.

Description

The Microsoft Windows kernel includes a driver (win32k.sys) that handles a variety of graphics processing tasks, including the processing of TrueType fonts. A vulnerability exists in the way this driver validates array indexes. This can cause Windows to crash with a "blue screen."

Impact

By convincing a user to open a specially-crafted TrueType font file, a remote, unauthenticated attacker could cause a denial-of-service condition.

Solution

Apply an update

This issue is addressed in Microsoft Security Bulletin MS11-084.

Vendor Information

675073
 
Affected   Unknown   Unaffected

Microsoft Corporation

Notified:  June 13, 2011 Updated:  November 08, 2011

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References


CVSS Metrics

Group Score Vector
Base 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C
Temporal 6.2 E:ND/RL:OF/RC:C
Environmental 6.2 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Acknowledgements

This vulnerability was reported by Will Dormann of the CERT/CC.

This document was written by Will Dormann.

Other Information

CVE IDs: CVE-2011-2004
Severity Metric: 2.92
Date Public: 2011-11-08
Date First Published: 2011-11-08
Date Last Updated: 2012-03-28 15:04 UTC
Document Revision: 10

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.