Vulnerability Name: CVE-2011-2003 (CCN-70113) Assigned: 2011-10-11 Published: 2011-10-11 Updated: 2020-09-28 Summary: Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Library File Buffer Overrun Vulnerability." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 7.3 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 7.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2011-2003 Microsoft Windows win32k.sys Driver Multiple Vulnerabilities 8473 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) Vulnerability in Windows Components Could Allow Remote Code Execution (2848295) Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053) Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657) Microsoft Windows Kernel '.fon' Font File Remote Code Execution Vulnerability 1026165 MS11-077 ms-win-fon-bo(70113) oval:org.mitre.oval:def:13103 Offensive Security Exploit Database [10-12-2011] Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:* OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:* OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* Oval Definitions BACK
microsoft windows 2003 server * sp2
microsoft windows 7 -
microsoft windows 7 - sp1
microsoft windows 7 - sp1
microsoft windows server 2003 * sp2
microsoft windows server 2008 * sp2
microsoft windows server 2008 * sp2
microsoft windows server 2008 - sp2
microsoft windows server 2008 r2
microsoft windows server 2008 r2
microsoft windows vista * sp2
microsoft windows vista * sp2
microsoft windows xp * sp3
microsoft windows xp - sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows xp sp2
microsoft windows server 2008 -
microsoft windows xp sp3
microsoft windows vista - sp2
microsoft windows vista - sp2
microsoft windows server 2008 sp2
microsoft windows 7 -
microsoft windows server 2008 - r2
microsoft windows server 2008 r2
microsoft windows server 2008
microsoft windows 7 - sp1
microsoft windows server 2008 r2 sp1
microsoft windows server 2008 r2 sp1
Denotes that component is vulnerable