Skip to content

CVE-2011-3402

is CVE-2011-3402real, exploitable, or a false positive? Here's the community ground truth.

☆ Watch
High · CVSS 8.8EPSS 78.3%CISA KEV

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

References

NVD MITRE CVE.org CISA KEV

Published

Embed this verdict
TruePositive verdict for CVE-2011-3402
Markdown
[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2011-3402/badge.svg)](https://www.truepositive.app/cve/CVE-2011-3402)
HTML
<a href="https://www.truepositive.app/cve/CVE-2011-3402"><img src="https://www.truepositive.app/cve/CVE-2011-3402/badge.svg" alt="TruePositive verdict for CVE-2011-3402"></a>

Live badge — updates automatically as the community verdict changes.

Community ground truth

Community verdict

2 verdicts
Not a real issue

Includes TruePositive's curated baseline from public sources — community verdicts accrue on top.

to add your verdict.

Community real-world severity: High (High 2) — CVSS base score 8.8

In line with its CVSS base score.

Field notes & remediation

Verdicts are the quick signal — notes are the evidence and fixes behind them.

  • 0
    Field note · Waleed AzizCurated

    Confirmed exploited in the wild — listed in the CISA KEV catalog (added 2025-10-06). Treat as real and prioritize patching over triage.