Vulnerability identifier: #VU4790

Vulnerability risk: Medium

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2013-3660

CWE-ID: CWE-119

Exploitation vector: Local

Exploits in database: 4

• March 18, 2020
  • Microsoft Windows - 'EPATHOBJ::pprFlattenRec' Privilege Escalation (Metasploit) [Exploit-DB]
  • Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) [Exploit-DB]
  • Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase [Exploit-DB]
  • Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation [Metasploit]

Impact: Code execution

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft