Risk | High |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2013-3173 CVE-2013-3172 CVE-2013-3167 CVE-2013-3129 CVE-2013-1300 CVE-2013-1340 CVE-2013-1345 |
CWE-ID | CWE-119 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #5 is available. |
Vulnerable software Subscribe |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU4797
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-3173
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain elevated privileges on the target system.
The weakness exists due to improper handling of objects in memory by the kernel-mode driver (win32k.sys). A local attacker can run a specially crafted application to gain elevated privileges and execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2012
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU4796
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-3172
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS conditions on the target system.
The weakness exists due to buffer overflow when handling of objects in memory by the kernel-mode driver (win32k.sys). A local attacker can run a specially crafted application, trigger memory corruption and cause the system to stop responding.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2008
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU4795
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-3167
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain elevated privileges on the target system.
The weakness exists due to improper handling of objects in memory by the kernel-mode driver (win32k.sys). A local attacker can run a specially crafted application to gain elevated privileges and execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2008
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU4794
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-3129
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to improper handling of malformed TrueType font files by the kernel-mode driver (win32k.sys). A remote attacker can create a specially crafted TrueType font file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows Server: 2003 - 2012
Windows: 7 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU4793
Risk: Low
CVSSv3.1: 8.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2013-1300
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to obtain elevated privileges on the target system.
The weakness exists due to improper handling of objects in memory by NtUserMessageCall in the kernel-mode driver (win32k.sys). A local attacker can gain elevated privileges and execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2012
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
EUVDB-ID: #VU4792
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-1340
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain elevated privileges on the target system.
The weakness exists due to improper handling of objects in memory by the kernel-mode driver (win32k.sys). A local attacker can run a specially crafted application to gain elevated privileges and execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2012
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU4791
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-1345
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain elevated privileges on the target system.
The weakness exists due to improper handling of Dynamic Data Exchange objects by the kernel-mode driver (win32k.sys). A local attacker can run a specially crafted application to gain elevated privileges and execute arbitrary code with SYSTEM privileges.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website.
Windows: 7 - XP
Windows Server: 2003 - 2012
External linkshttp://technet.microsoft.com/en-us/library/security/ms13-053
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.