CVE-2011-3402CISA KEV: Actively Exploited

Microsoft Windows Remote Code Execution Vulnerability

Published Oct 6, 2025·Updated Oct 6, 2025

Description

Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free