CVE-2013-3167
https://notcve.org/view.php?id=CVE-2013-3167
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Information Disclosure Vulnerability."
• http://www.us-cert.gov/ncas/alerts/TA13-190A
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-053
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17293
• CWE-264: Permissions, Privileges, and Access Controls

CVE-2013-3174 – Microsoft DirectShow - Arbitrary Memory Overwrite (MS13-056)
https://notcve.org/view.php?id=CVE-2013-3174
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."
• https://www.exploit-db.com/exploits/27050
• http://www.us-cert.gov/ncas/alerts/TA13-190A
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-056
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16883
• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVE-2013-1300 – Microsoft Windows NtUserMessageCall Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2013-1300
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Allocation Vulnerability."
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within NtUserMessageCall. The issue lies in the handling of boolean arguments. An attacker can leverage this vulnerability to raise privileges and execute code under the context of SYSTEM.
• https://www.exploit-db.com/exploits/33213
• http://www.exploit-db.com/exploits/33213
• http://www.us-cert.gov/ncas/alerts/TA13-190A
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-053
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17353
• CWE-264: Permissions, Privileges, and Access Controls

CVE-2013-3136
https://notcve.org/view.php?id=CVE-2013-3136
The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Kernel Information Disclosure Vulnerability."
• http://www.us-cert.gov/ncas/alerts/TA13-168A
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-048
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16847
• CWE-399: Resource Management Errors

CVE-2013-3660 – Microsoft Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2013-3660
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
The EPATHOBJ::pprFlattenRec function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain and thereby gain privileges by triggering excessive consumption of paged memory and then making many FlattenPath function calls.
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.
• https://www.exploit-db.com/exploits/25611
• https://www.exploit-db.com/exploits/26554
• https://www.exploit-db.com/exploits/25912
• https://github.com/ExploitCN/CVE-2013-3660-x64-WIN7
• http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0090.html
• http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html
• http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html
• http://secunia.com/advisories/53435
• http://twitter.com/taviso/statuses/309157606247768064
• http:/
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer