CVE-2013-0002
Microsoft .NET Framework EncoderParameters.ConvertToMemory Remote Code Execution Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability."
Desbordamiento de búfer en el componente Windows Forms (también conocido como WinForms) de Microsoft. NET Framework 1.0 Service Pack 3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4 y 4.5 permite a atacantes remotos ejecutar código arbitrario a través de (1) un solicitud modificada del explorador XAML (XBAP) o (2) una aplicación .NET Framework diseñada que aprovecha el conteo incorrecto de objetos durante una operación de copia de memoria, también conocido como "Vulnerabilidad de desbordamiento de búfer de WinForms".
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the System.Drawing.Imaging.EncoderParameters.ConvertToMemory() method inside the .NET Framework. The function allocates an array based on the value of the parameter this.param.Length and then uses a loop terminated by the same parameter to fill the array with data. If another thread changes the value of this.param.Length between the array creation and loop this can result in a heap buffer overflow that can lead to remote code execution under the context of the current program.
*Credits:
Vitaliy Toropov
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-11-27 CVE Reserved
- 2013-01-09 CVE Published
- 2024-08-06 CVE Updated
- 2024-10-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-004 | 2023-12-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.0 Search vendor "Microsoft" for product ".net Framework" and version "1.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp3, media_center |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.0 Search vendor "Microsoft" for product ".net Framework" and version "1.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp3, tablet_pc |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, itanium |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, itanium |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 2.0 Search vendor "Microsoft" for product ".net Framework" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | - |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, itanium |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | sp2, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | sp2, itanium |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.0 Search vendor "Microsoft" for product ".net Framework" and version "4.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | - | sp2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5 Search vendor "Microsoft" for product ".net Framework" and version "3.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5 Search vendor "Microsoft" for product ".net Framework" and version "3.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5 Search vendor "Microsoft" for product ".net Framework" and version "3.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012" | - | - |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5.1 Search vendor "Microsoft" for product ".net Framework" and version "3.5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | - |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5.1 Search vendor "Microsoft" for product ".net Framework" and version "3.5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5.1 Search vendor "Microsoft" for product ".net Framework" and version "3.5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5.1 Search vendor "Microsoft" for product ".net Framework" and version "3.5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, itanium |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 3.5.1 Search vendor "Microsoft" for product ".net Framework" and version "3.5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | * | r2, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x64 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x86 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Rt Search vendor "Microsoft" for product "Windows Rt" | - | - |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2012 Search vendor "Microsoft" for product "Windows Server 2012" | - | - |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Safe
|
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 4.5 Search vendor "Microsoft" for product ".net Framework" and version "4.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | - | sp2 |
Safe
|