Executive Summary

Summary
Title Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
Informations
Name MS11-007 First vendor Publication 2011-02-08
Vendor Microsoft Last vendor Modification 2013-07-09
Severity (Vendor) Critical Revision 2.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.1 (July 9, 2013): Bulletin revised to announce a detection change that excludes Windows 7 language packs from the 2485376 update. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

Summary: This security update resolves a privately reported vulnerability in the Windows OpenType Compact Font Format (CFF) driver. The vulnerability could allow remote code execution if a user views content rendered in a specially crafted CFF font. In all cases, an attacker would have no way to force users to view the specially crafted content. Instead, an attacker would have to convince users to visit a Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-007

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11593
 
Oval ID: oval:org.mitre.oval:def:11593
Title: OpenType Font Encoded Character Vulnerability
Description: The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted font, aka "OpenType Font Encoded Character Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2011-0033
 Version: 7
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 2
Os 2
Os 1
Os 8
Os 3
Os 2

OpenVAS Exploits

Date Description
2011-02-09 Name : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Re...
File : nvt/secpod_ms11-007.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70821 Microsoft OpenType Compact Font Format (CFF) Parsing Remote Code Execution

Microsoft OpenType Compact Font Format (CFF) driver contains a flaw related to the parsing of crafted OpenType fonts. This may allow a context-dependent attacker to use a crafted web page containing these fonts to execute arbitrary code.

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows ATMFD Adobe font driver remote code execution attempt
RuleID : 19196 - Revision : 9 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows ATMFD Adobe font driver remote code execution attempt
RuleID : 18402 - Revision : 13 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2011-02-08 Name : The remote Windows host contains a font driver that is affected by a privileg...
File : smb_nt_ms11-007.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-02-17 11:46:51
  • Multiple Updates
2014-01-19 21:30:36
  • Multiple Updates
2013-07-09 21:29:49
  • Multiple Updates
2013-07-09 21:17:01
  • Multiple Updates