Description
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."
Published: 2011-11-04
Score: 8.8 High
EPSS: 88.3% High
KEV: Yes
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files cve-icon cve-icon
http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx cve-icon cve-icon
http://isc.sans.edu/diary/Duqu+Mitigation/11950 cve-icon cve-icon
http://secunia.com/advisories/49121 cve-icon cve-icon
http://secunia.com/advisories/49122 cve-icon cve-icon
http://technet.microsoft.com/security/advisory/2639658 cve-icon cve-icon
http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two cve-icon cve-icon
http://www.securitytracker.com/id?1027039 cve-icon cve-icon
http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit cve-icon cve-icon
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA11-347A.html cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA12-129A.html cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA12-164A.html cve-icon cve-icon
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf cve-icon cve-icon
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-087 cve-icon cve-icon
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-034 cve-icon cve-icon
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13998 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15290 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15645 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3402 cve-icon cve-icon
History

Wed, 22 Apr 2026 10:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*		 cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

Wed, 22 Oct 2025 01:30:00 +0000

Type Values Removed Values Added
References

Tue, 21 Oct 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 21 Oct 2025 19:30:00 +0000

Type Values Removed Values Added
References

Mon, 06 Oct 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 06 Oct 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2025-10-06T00:00:00+00:00', 'dueDate': '2025-10-27T00:00:00+00:00'}

Subscriptions

Microsoft Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista Windows Xp
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2025-10-22T00:05:48.983Z

Reserved: 2011-09-09T00:00:00.000Z

Link: CVE-2011-3402

cve-icon Vulnrichment

Updated: 2024-08-06T23:29:56.897Z

cve-icon NVD

Status : Analyzed

Published: 2011-11-04T21:55:04.693

Modified: 2026-04-22T10:36:02.440

Link: CVE-2011-3402

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses