| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS11-084 | Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657) | Windows 7 | Medium | 09-11-2011 |
Technical Information
Brief overview of the risk:
The vulnerability could allow denial of service if a user opens a specially crafted TrueType font file as an e-mail attachment or navigates to a network share or WebDAV location containing a specially crafted TrueType font file. For an attack to be successful, a user must visit the untrusted remote file system location or WebDAV share containing the specially crafted TrueType font file, or open the file as an e-mail attachment.
Detailed Information on the risk:
A denial of service vulnerability exists in the Microsoft Windows kernel. This vulnerability is caused when the Windows kernel improperly processes a specifically crafted TrueType font file. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding and restart.
Further information on this exploit is available at : MS11-084
Affected Software
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1***
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1