Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 9.3
CVE Id CVE-2011-3402
Last Modified 06 Mar 2013 11:47:12
Published 04 Nov 2011 05:55:04
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3402

Summary

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 7 -

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Vista

  • Microsoft Windows XP


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-291-01E.pdf

MISC - http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf

MISC - http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit

MISC - http://www.securelist.com/en/blog/208193197/The_Mystery_of_Duqu_Part_Two

CONFIRM - http://technet.microsoft.com/security/advisory/2639658

MISC - http://isc.sans.edu/diary/Duqu+Mitigation/11950

CONFIRM - http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx

MISC - http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files

MS - MS11-087

MS - MS12-034

SECUNIA - 49122

SECUNIA - 49121

MS - MS12-039

SECTRACK - 1027039

CERT - TA12-129A

CERT - TA11-347A

CERT - TA12-164A

Related Patches

MS11-087 Security Update for Windows 7 (KB2639417)

MS11-087 Security Update for Windows Vista (KB2639417)

MS11-087 Security Update for Windows XP (KB2639417)

MS11-087 Security Update for Windows Server 2003 (KB2639417)

MS11-087 Security Update for Windows Server 2008 R2 x64 (KB2639417)

MS11-087 Security Update for Windows 7 for x64 (KB2639417)

MS11-087 Security Update for Windows Vista for x64 (KB2639417)

MS11-087 Security Update for Windows Server 2003 x64 (KB2639417)

MS11-087 Security Update for Windows Server 2008 x64 (KB2639417)

MS11-087 Security Update for Windows Server 2008 (KB2639417)

MS12-034 Security Update for Microsoft Silverlight (KB2690729)

MS12-034 Security Update for Windows XP (KB2660649)

MS12-034 Security Update for Microsoft Office 2007 suites (KB2596792)

MS12-034 Security Update for Windows XP (KB2676562)

MS12-034 Security Update for Microsoft Office 2010 32-Bit Edition (KB2589337)

MS12-034 Security Update for Microsoft Office 2007 suites (KB2596672)

MS12-034 Security Update for Microsoft Office 2003 (KB2598253)

MS12-034 Security Update for Windows XP (KB2659262)

MS12-034 Security Update for Windows XP (KB2686509)

MS12-034 Security Update for Microsoft Silverlight (KB2636927)

MS12-034 Security Update for .NET Framework 3.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2656409)

MS12-034 Security Update for Windows Vista (KB2658846)

MS12-034 Security Update for Windows Vista (KB2660649)

MS12-034 Security Update for Windows Vista (KB2659262)

MS12-034 Security Update for Windows 7 (KB2658846)

MS12-034 Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2656410)

MS12-034 Security Update for Windows 7 (KB2660649)

MS12-034 Security Update for Windows 7 (KB2659262)

MS12-034 Security Update for Windows Server 2008 (KB2658846)

MS12-034 Security Update for Windows Server 2008 (KB2659262)

MS12-034 Security Update for Windows Server 2008 (KB2660649)

MS12-034 Security Update for Windows Server 2003 (KB2676562)

MS12-034 Security Update for Windows Server 2003 (KB2659262)

MS12-034 Security Update for Windows Server 2003 (KB2686509)

MS12-034 Security Update for Microsoft Office 2010 64-Bit Edition (KB2589337)

MS12-034 Security Update for .NET Framework 3.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64 (KB2656409)

MS12-034 Security Update for Windows Server 2003 x64 (KB2676562)

MS12-034 Security Update for Windows Server 2003 x64 (KB2686509)

MS12-034 Security Update for Windows Server 2003 x64 (KB2659262)

MS12-034 Security Update for Windows Server 2008 R2 x64 (KB2660649)

MS12-034 Security Update for Windows Server 2008 R2 x64 (KB2658846)

MS12-034 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64 (KB2656410)

MS12-034 Security Update for Windows Server 2008 R2 x64 (KB2659262)

MS12-034 Security Update for Windows Vista for x64 (KB2660649)

MS12-034 Security Update for Windows Vista for x64 (KB2659262)

MS12-034 Security Update for Windows Vista for x64 (KB2658846)

MS12-034 Security Update for Windows 7 x64 (KB2659262)

MS12-034 Security Update for Windows 7 x64 (KB2658846)

MS12-034 Security Update for Windows 7 x64 (KB2660649)

MS12-034 Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2656411)

MS12-034 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64 (KB2656411)

MS12-034 2681578 2676562 Security Update for Vista and Windows Server 2008 (All Languages)

MS12-034 2681578 2656405 Security Update for .NET Framework 4.0 (All Languages)

MS12-034 2681578 2676562 Security Update for Windows 7 and Windows Server 2008 R2 (All Languages) (Rev 2)

MS12-034 2681578 2656407 Security Update for .NET Framework 3.0 SP2 (All Languages) (See Note)

MS12-034 Security Update for Windows Server 2008 x64 (KB2658846)

MS12-034 Security Update for Windows Server 2008 x64 (KB2660649)

MS12-034 Security Update for Windows Server 2008 x64 (KB2659262)

MS12-034 2681578 2690729 Security Update for Microsoft Silverlight 4 for Mac (See Notes)

MS12-034 2681578 2636927 Security Update for Microsoft Silverlight 5 for Mac (See Notes)

MS12-034 2681578 2636927 Security Update for Microsoft Silverlight (All Languages)

MS12-034 Security Update for Windows Vista (KB2676562)

MS12-034 Security Update for Windows Vista x64 (KB2676562)

MS12-034 Security Update for Windows Server 2008 (KB2676562)

MS12-034 Security Update for Windows Server 2008 x64 (KB2676562)

MS12-034 Security Update for Windows 7 (KB2676562)

MS12-039 Security Update for Office Communicator 2007 R2 (KB2708980)

MS12-039 Security Update for Lync 2010 Attendee (Administrator level installation) (KB2696031)

MS12-039 Security Update for Lync 2010 x86 (KB2693282)

MS12-039 Security Update for Lync 2010 Attendant (KB2702444)

MS12-039 2707956 2693282 Security Update for Lync 2010 (x64) (All Languages) (See Note)


Last Updated: 27 May 2016 10:57:16