CVSS: 7.6EPSS: 64%CPEs: 24EXPL: 2CVE-2013-3900 – Microsoft WinVerifyTrust function Remote Code Execution
https://notcve.org/view.php?id=CVE-2013-3900
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." La función WinVerifyTrust en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 no valida correctamente los digest de archivos PE durante la verificación de la firma Authenticode, que permite a atacantes remotos ejecutar código arbitrario mediante un archivo PE manipulado, también conocido como "WinVerifyTrust firma vulnerabilidad de validación." Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the original CVE published in 2013, the information herein remains unchanged from the original text published on December 10, 2013. Microsoft does not plan to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. • https://github.com/snoopopsec/vulnerability-CVE-2013-3900 https://github.com/Securenetology/CVE-2013-3900 http://blogs.technet.com/b/srd/archive/2013/12/10/ms13-098-update-to-enhance-the-security-of-authenticode.aspx https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-098 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 43%CPEs: 3EXPL: 3CVE-2013-5065 – Microsoft Windows Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2013-5065
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. NDProxy.sys del kernel de Microsoft Windows XP SP2 y SP3 y Server 2003 SP2 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, tal y como se explotó activamente en noviembre de 2013. Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges. • https://www.exploit-db.com/exploits/30392 https://www.exploit-db.com/exploits/30014 https://www.exploit-db.com/exploits/37732 http://technet.microsoft.com/security/advisory/2914486 http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-002 •
CVSS: 7.1EPSS: 8%CPEs: 3EXPL: 1CVE-2013-6801
https://notcve.org/view.php?id=CVE-2013-6801
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by word2003forkbomb.doc, related to a "fork bomb" issue. Microsoft Word 2003 SP2 y SP3 en Windows XP SP3 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de un archivo .doc manipulado que contiene una imagen incrustada, como lo demuestra word2003forkbomb.doc, relacionado con un el asunto "bomba fork". • http://archives.neohapsis.com/archives/bugtraq/2013-11/0035.html http://archives.neohapsis.com/archives/bugtraq/2013-11/0038.html http://archives.neohapsis.com/archives/bugtraq/2013-11/0045.html • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2013-3876
https://notcve.org/view.php?id=CVE-2013-3876
DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate. DirectAccess en Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no verifica adecuadamente certificados X.509 del servidor, lo que permite a atacantes man-in-the-middle falsificar servidores y leer credenciales de dominio cifradas a través de un certificado manipulado. • http://technet.microsoft.com/security/advisory/2862152 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 95%CPEs: 14EXPL: 0CVE-2013-3940
https://notcve.org/view.php?id=CVE-2013-3940
Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability." Desbordamiento de entero en la interfaz de dispositivo gráfico (GDI) de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Oro y R2 y Windows RT oro y 8.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una imagen manipulada en un documento Windows Write (. wRI) , que no es manejada correctamente en WordPad, también conocidos como gráficos "Graphics Device Interface Integer Overflow Vulnerability". • http://www.us-cert.gov/ncas/alerts/TA13-317A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-089 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18722 • CWE-190: Integer Overflow or Wraparound •