1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft True Type Font CVE-2011-3402

Web Attack: Microsoft True Type Font CVE-2011-3402

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature will detect attempts to exploit a remote code execution vulnerability in Microsoft Windows.

Additional Information

Embedded OpenType (EOT) fonts are designed for use on webpages. EOT fonts can also be embedded in documents.

Microsoft Windows is prone to a remote code-execution vulnerability that may affect 'OS\2' table records in Embedded OpenType fonts. Specifically, an integer-wrap issue occurs when adding a directory entry's offset and its size member.

To exploit this issue, an attacker may entice an unsuspecting user into visiting a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code with kernel-level privileges and completely compromise the affected computer.


  • Various


Updates are available. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube