ID CVE-2013-0004 Type cve Reporter cve@mitre.org Modified 2019-02-26T14:04:00
Description
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability."
{"symantec": [{"lastseen": "2018-03-13T12:07:32", "bulletinFamily": "software", "description": "### Description\n\nThe Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attackers can exploit this issue to gain escalated privileges; this may result in the attacker gaining complete control of the affected system.\n\n### Technologies Affected\n\n * Microsoft .NET Framework 1.0 \n * Microsoft .NET Framework 1.0 SP1 \n * Microsoft .NET Framework 1.0 SP2 \n * Microsoft .NET Framework 1.0 SP3 \n * Microsoft .NET Framework 1.1 \n * Microsoft .NET Framework 1.1 SP1 \n * Microsoft .NET Framework 2.0 SP2 \n * Microsoft .NET Framework 3.5 \n * Microsoft .NET Framework 3.5.1 \n * Microsoft .NET Framework 4.0 \n * Microsoft .NET Framework 4.5 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Implement multiple authentication mechanisms.** \nProvide an additional layer of authentication for sensitive or privileged information. \n\nUpdates are available. Please see the references for more information.\n", "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "SMNTC-57113", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/57113", "type": "symantec", "title": "Microsoft .NET Framework CVE-2013-0004 Remote Privilege Escalation Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:48:12", "bulletinFamily": "exploit", "description": "Bugtraq ID:57113\r\nCVE ID: CVE-2013-0004\r\n\r\nMicrosoft .NET Framework\u662f\u4e00\u5957\u7531Microsoft\u5206\u53d1\u7684\u5e2e\u52a9\u5f00\u53d1\u8005\u6784\u5efa\u57fa\u4e8eWEB\u5e94\u7528\u7684\u7cfb\u7edf\r\n\r\nMicrosoft .NET Framework\u91cc\u5b58\u5728\u7684\u4e00\u4e2a\u4e24\u6b21\u6784\u5efa\u9519\u8bef\u4f1a\u5bfc\u81f4\u4e0d\u6b63\u786e\u9a8c\u8bc1\u5185\u5b58\u4e2d\u67d0\u4e9b\u5bf9\u8c61\u7684\u6743\u9650\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u6784\u5efa\u7279\u5236\u7684XMAL\u6d4f\u89c8\u5668\u5e94\u7528(XBAP)\u6216\u4e0d\u53ef\u4fe1\u7684.Net\u5e94\u7528\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u5b8c\u5168\u63a7\u5236\u5e94\u7528\u7cfb\u7edf\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\r\n0\r\nMicrosoft .NET Framework 3.5.1\r\nMicrosoft .NET Framework 4.0\r\nMicrosoft .NET Framework 3.5\r\nMicrosoft .NET Framework 2.0 SP2\r\nMicrosoft .NET Framework 1.1 SP1\r\nMicrosoft .NET Framework 1.1\r\nMicrosoft .NET Framework 1.0 SP3\r\nMicrosoft .NET Framework 1.0 SP2\r\nMicrosoft .NET Framework 1.0 SP1\r\nMicrosoft .NET Framework 1.0\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6848\r\n\r\n-\u5728Internet Explorer\u4e2d\u7981\u7528XAML\u6d4f\u89c8\u5668\u5e94\u7528\r\n-\u628a\u53ef\u4fe1\u7ad9\u70b9\u6dfb\u52a0\u5230Internet Explorer\u53ef\u4fe1\u57df\u4e2d", "modified": "2013-01-10T00:00:00", "published": "2013-01-10T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60582", "id": "SSV:60582", "title": "Microsoft .NET Framework \u8fdc\u7a0b\u6743\u9650\u63d0\u5347\u6f0f\u6d1e(CVE-2013-0004)", "type": "seebug", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:47:49", "bulletinFamily": "exploit", "description": "CVE ID: CVE-2013-0004\r\n\r\nMicrosoft .NET Framework\u662f\u4e00\u5957\u7531Microsoft\u5206\u53d1\u7684\u5e2e\u52a9\u5f00\u53d1\u8005\u6784\u5efa\u57fa\u4e8eWEB\u5e94\u7528\u7684\u7cfb\u7edf\u3002\r\nMicrosoft .NET Framework\u91cc\u5b58\u5728\u7684\u4e00\u4e2a\u4e24\u6b21\u6784\u5efa\u9519\u8bef\u4f1a\u5bfc\u81f4\u4e0d\u6b63\u786e\u9a8c\u8bc1\u5185\u5b58\u4e2d\u67d0\u4e9b\u5bf9\u8c61\u7684\u6743\u9650\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u6784\u5efa\u7279\u5236\u7684XMAL\u6d4f\u89c8\u5668\u5e94\u7528(XBAP)\u6216\u4e0d\u53ef\u4fe1\u7684.Net\u5e94\u7528\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u5b8c\u5168\u63a7\u5236\u5e94\u7528\u7cfb\u7edf\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nMicrosoft .NET Framework 3.5.1\r\nMicrosoft .NET Framework 4.0\r\nMicrosoft .NET Framework 3.5\r\nMicrosoft .NET Framework 2.0 SP2\r\nMicrosoft .NET Framework 1.1 SP1\r\nMicrosoft .NET Framework 1.1\r\nMicrosoft .NET Framework 1.0 SP3\r\nMicrosoft .NET Framework 1.0 SP2\r\nMicrosoft .NET Framework 1.0 SP1\r\nMicrosoft .NET Framework 1.0\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6848\r\n\r\n-\u5728Internet Explorer\u4e2d\u7981\u7528XAML\u6d4f\u89c8\u5668\u5e94\u7528\r\n-\u628a\u53ef\u4fe1\u7ad9\u70b9\u6dfb\u52a0\u5230Internet Explorer\u53ef\u4fe1\u57df\u4e2d", "modified": "2013-01-10T00:00:00", "published": "2013-01-10T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60579", "id": "SSV:60579", "title": "Microsoft .NET Framework\u8fdc\u7a0b\u6743\u9650\u63d0\u5347\u6f0f\u6d1e(MS13-004)", "type": "seebug", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "mskb": [{"lastseen": "2019-09-11T12:41:10", "bulletinFamily": "microsoft", "description": "<html><body><p>Resolves a vulnerability in the .NET Framework that could allow remote code execution on a client system. Vulnerability occurs if a user views a specially crafted webpage through a web browser that can run XAML Browser Applications (XBAPs).</p><h2></h2><div class=\"kb-notice-section section\"><br/><a bookmark-id=\"appliestoproducts\" href=\"#appliestoproducts\" managed-link=\"\" target=\"\">View products that this article applies to.</a><span></span></div><h2>Introduction</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-004. You can view the complete security bulletin by going to one of the following Microsoft websites: <ul class=\"sbody-free_list\"><li>Home users:<br/><a href=\"http://www.microsoft.com/security/pc-security/bulletins/201301.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/bulletins/201301.aspx</a></li><li>IT professionals:<br/><a href=\"http://technet.microsoft.com/security/bulletin/ms13-004\" id=\"kb-link-2\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-004</a></li></ul></div><h2></h2><div class=\"kb-summary-section section\"><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-3\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-4\" target=\"_self\">TechNet Security troubleshooting and support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-5\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support based on your region and country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-6\" target=\"_self\">International support</a></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Known issues and additional information about this update</h4>The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information about the individual updates, such as a download URL, prerequisites, and command-line switches.<br/><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 4.5</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2742614\" id=\"kb-link-7\">2742614 </a> MS13-004: Description of the security update for the .NET Framework 4.5 on Windows 8, Windows RT, and Windows Server 2012: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2742613\" id=\"kb-link-8\">2742613 </a> MS13-004: Description of the security update for the .NET Framework 4.5 on Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 4</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2742595\" id=\"kb-link-9\">2742595 </a> MS13-004: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: January 8, 2013<br/><br/><br/><br/><br/><br/> Known issues in security update 2742595:<br/><ul class=\"sbody-free_list\"><li>After you install this security update on a system that is running Windows Communication Foundation (WCF) and the Microsoft .NET Framework 4.0, and that is hosted on an Internet Information Services (IIS) web server, you may receive an error message that resembles the following: <br/><br/><div class=\"sbody-error\">System.NotSupportedException: The SSL settings for the service 'None' does not match those of the IIS 'Ssl, SslNegotiateCert, SslRequireCert'. </div></li></ul></li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 3.5.1</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2756921\" id=\"kb-link-10\">2756921 </a> MS13-004: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2756920\" id=\"kb-link-11\">2756920 </a> MS13-004: Description of the security update for the .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2: January 8, 2013<br/><br/><br/><br/><br/>Known issues in security update 2756920:<br/><ul class=\"sbody-free_list\"><li>After you install this security update on a system that is running Windows Communication Foundation (WCF), you may receive an error message that resembles the following: <br/><br/><div class=\"sbody-error\"> <br/>System.ServiceModel.Ativation.iis7helper.extendedprotectiondotlessspnnotenabledthrowhelper(system.object) <br/></div><br/><br/></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2742599\" id=\"kb-link-12\">2742599 </a> MS13-004: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2742598\" id=\"kb-link-13\">2742598 </a> MS13-004: Description of the security update for the .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 3.5</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2756923\" id=\"kb-link-14\">2756923 </a> MS13-004: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2742616\" id=\"kb-link-15\">2742616 </a> MS13-004: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 3.0</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2756919\" id=\"kb-link-16\">2756919 </a> MS13-004: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2756918\" id=\"kb-link-17\">2756918 </a> MS13-004: Description of the security update for the .NET Framework 3.0 Service Pack 2 on Windows XP and Windows Server 2003: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 2.0</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2742601\" id=\"kb-link-18\">2742601 </a> MS13-004: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: January 8, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2742596\" id=\"kb-link-19\">2742596 </a> MS13-004: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 1.1</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2742597\" id=\"kb-link-20\">2742597 </a> MS13-004: Description of the security update for the .NET Framework 1.1 Service Pack 1 on Windows XP, Windows Server 2003 x64 Edition, Windows Server 2003 for Itanium Systems, Windows Vista, and Windows Server 2008: January 8, 2013<br/><br/><br/><br/> Known issues in security update 2742597:<br/><ul class=\"sbody-free_list\"><li>In certain situations on computers that are running Windows Vista Service Pack 2 (SP2) or Windows Server 2008 SP2, you may be reoffered this security update, even though the update is already installed correctly. This is a detection issue only, and you do not have to reinstall this security update if it is already installed. </li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2742604\" id=\"kb-link-21\">2742604 </a> MS13-004: Description of the security update for the .NET Framework 1.1 Service Pack 1 on x86-based versions of Windows Server 2003 Service Pack 2: January 8, 2013</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 1.0</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2742607\" id=\"kb-link-22\">2742607 </a> MS13-004: Description of the security update for the .NET Framework 1.0 Service Pack 3 on Windows XP Service Pack 3 Tablet PC Edition and Windows XP Service Pack 3 Media Center Edition: January 8, 2013</li></ul><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Chs.exe</td><td class=\"sbody-td\">DC8261697E22A5C82D9D9284A50FAF8DA8DF1328</td><td class=\"sbody-td\">1367370E8E88BDD1323A95DB2F41E02037736F22E41B8D725D67A85ECDFA69DD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Cht.exe</td><td class=\"sbody-td\">163477BDB7315658F5F338BB0E300343AF25C54C</td><td class=\"sbody-td\">7D22ACBE69F260BFEA03470982D71132AE0D68A677284E8221F90EDC9C43665D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Deu.exe</td><td class=\"sbody-td\">098312769A7FBC4ACEB0447FA05EB6D0812438A8</td><td class=\"sbody-td\">1D9EF4B9CB98F71B5DEE921892873815FDF47326C1FD694CEFD451F5CDCF2529</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Enu.exe</td><td class=\"sbody-td\">AB9735D2A8C307A4DA2A55A358DA3D89C72A669F</td><td class=\"sbody-td\">615F36F2A4A4389C9053F921893335614A63B48A002D73F4CE31A81F95678A2E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Esn.exe</td><td class=\"sbody-td\">EB55EC265752F45FE57623D3C499F0175863112F</td><td class=\"sbody-td\">25E39EEBED7330398CE4918684F8AD5040299B2519178E7680007BA0C07EA40F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Fra.exe</td><td class=\"sbody-td\">D860E1E868676FA0C73A669DE8AA1D6B674F98BF</td><td class=\"sbody-td\">184B76E925E2F17E253870E268DAC8F2789401EA13A81B03B28E13FC92251ECA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Ita.exe</td><td class=\"sbody-td\">9CB8A217C2C1B2D97E1229B3D3114B0F280ED82E</td><td class=\"sbody-td\">95AC7853C0B7A42D615289340F61470454D2E6AD97C83991A3F3EC7E11B035F8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Jpn.exe</td><td class=\"sbody-td\">72EDE7BE3C272CA354F7EC18139347245C04C3E0</td><td class=\"sbody-td\">2CB30249382A4BEC6520F256FC41A731B63D8BA71F5D0A7A39C2697746FBA89A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Kor.exe</td><td class=\"sbody-td\">CAC1F2154B105C71398FB2AE5E9930EED6CAFEE7</td><td class=\"sbody-td\">0E25AE86FC3760CC8C0E75DAB7B9677C85C0B7B62128BF8468701A169343720E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2742607-X86-Ocm-Nld.exe</td><td class=\"sbody-td\">359202657EBECA7E929862C86E5A93C2D2956A99</td><td class=\"sbody-td\">57AE13938FE5810ECD9341CA7C2FE79D5BBD4F8CC58F53E2F37EE6E8C87189E4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.1sp1-KB2742597-X86.exe</td><td class=\"sbody-td\">EE3ADCFFC623906E6A2CF8F3D16F51CBD069D2E4</td><td class=\"sbody-td\">54CB61C8BEFD5E4367035F755BE5CAF5C5183B39DEE6B589B10C59232A839A56</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2742596-IA64.exe</td><td class=\"sbody-td\">ABF7BF9910B2F82AD3DE48DD3FE5DC00825F0FFC</td><td class=\"sbody-td\">3F33B6C42033FE2DADE44F069BF876CA454F7EE3E82142754AC5C07B52F8E516</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2742596-x64.exe</td><td class=\"sbody-td\">D6E4A7E72E0524A87D3DE9D3A149AD12F343A60A</td><td class=\"sbody-td\">AF32F1693E6EE151965E058AF19CEE7DF1B499F887626968053B24CC66B093F0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2742596-x86.exe</td><td class=\"sbody-td\">A0B11AAA133B0A15295BDE2EC77680314F3200CC</td><td class=\"sbody-td\">C515F391A6DA487FDB33A36DFDD61A79A470044DD1BC14AA652A0F8AEAFB6E75</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP30SP2-KB2756918-x64.exe</td><td class=\"sbody-td\">24139123C6C09A18090978B88CC2C34116B951B6</td><td class=\"sbody-td\">BFD167DA576570AD220AD180B21243D31CC433C2DEF2BAA067F84F2C551B90C5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP30SP2-KB2756918-x86.exe</td><td class=\"sbody-td\">0171F9344FF6AEF983E78241B4463190C77D847A</td><td class=\"sbody-td\">913C7D87AC9410F37A22C3536A3F9DD34A286B90019A331BD80C36A85A8224C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2742595-IA64.exe</td><td class=\"sbody-td\">F83730AFDAF463DB2B0865E4ED6BC11F47CA1F74</td><td class=\"sbody-td\">762D57DCD3370E0309FDFEE2A9446DE1F35FB00EACD1789ACC953457C9E3B4AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2742595-x64.exe</td><td class=\"sbody-td\">ACCF0A336E7BA49D629C10FD80B4E03547EA7E3D</td><td class=\"sbody-td\">C09F8D8D67B9377C134DC6DE06BCA1CFF473E78AEC518842847FA0B7461B7574</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2742595-x86.exe</td><td class=\"sbody-td\">D1258E5D0D6E3291F20F7C5EFDF11BE6ED9946E5</td><td class=\"sbody-td\">2FA1D5B8E77EA45A4D62E55A9594F5E8B1E773C28BD6EAEFD00F46AE32B11433</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2742613-x64.exe</td><td class=\"sbody-td\">9E71A06C62B022BEF5525155BEC5CA5987535E70</td><td class=\"sbody-td\">AC31F530D37E86C79043AA800E354C413C13491F5D2858B880692D5FEDD5DDE0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2742613-x86.exe</td><td class=\"sbody-td\">996601AAAB91AABAA6BA950040534DBA63A8E4A4</td><td class=\"sbody-td\">AD4981A7C6FCE661AE07280F120CB6782422E8AC0AFFB1883D93C814666A7EDA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2742601-ia64.msu</td><td class=\"sbody-td\">A4381AF8BF7002A0C25F8FBB27DB19D0F472B109</td><td class=\"sbody-td\">4EDCCD10FFD04200F098EA3079E85950E24D6C3E020128B00E7AF8C27DE52975</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2742601-x64.msu</td><td class=\"sbody-td\">D31315A49DB20D1154FB4E6AB7292A31DBF55497</td><td class=\"sbody-td\">FE5AEB8C9A7553E84D9ED7D9D38FCC3A59D91376158AEC4F5FD20AEB615C9EB3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2742601-x86.msu</td><td class=\"sbody-td\">1987DB40D3E645A810ED4E4662C4245B6F7AEB09</td><td class=\"sbody-td\">9543D4B4847B19C79733F9508008CA6F779378B8A5FD66189F5288014335A876</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2756919-ia64.msu</td><td class=\"sbody-td\">3631CED4126AC53D87C236CC67536FD0A4D467DC</td><td class=\"sbody-td\">97CF67A33E3CBD9B298C8FC44D19867426661463819F684AD91B4B80BEAC157F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2756919-x64.msu</td><td class=\"sbody-td\">885589EA1E8D9512FDCC76167AEFFF688421C2CC</td><td class=\"sbody-td\">8A66579DBE120ADC9C5345341E89A3334D83680F47BA6E16EDC65EF4365089D6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2756919-x86.msu</td><td class=\"sbody-td\">E98876D39EF8D2D8517BA1D0A6463C627F100E6C</td><td class=\"sbody-td\">8AF5C3E915BCE561FFC132C5DC13AC02154A2948A69C6ED88035D199C12CED71</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742598-ia64.msu</td><td class=\"sbody-td\">31115961150BC26F172505E34FFFDD1FC11FF61F</td><td class=\"sbody-td\">F1A3147C84A3117110D3D64C7B6D4D4C64B20390DF970C56C90FCD3D97CDA2AD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742598-x64.msu</td><td class=\"sbody-td\">7059661AF911E60D8A1EE3ECAFBA3D1BB26E47DA</td><td class=\"sbody-td\">76EFA73C479BA1859F8A28F34B7E40170BF6EA0284F8BB205C0E2CAE0B9874CC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742598-x86.msu</td><td class=\"sbody-td\">F948684CD25061CD821F95D4C4C9117D1A3DBEAC</td><td class=\"sbody-td\">D12F54E07E94461F0892DAB0A6F19C06423AF16088F606F8F803618755B85914</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742599-ia64.msu</td><td class=\"sbody-td\">6C2BE8B1114383563574876AD67660D27E3AD768</td><td class=\"sbody-td\">4B43C5136CF4406F074766AB8C1485E5F00E61751527417CD5CB307DBAD10089</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742599-x64.msu</td><td class=\"sbody-td\">D00E2E3BAFA37096B6A83F9FC0D611AC2241D832</td><td class=\"sbody-td\">984729AD358996A267BB9B317D4272E2B3CDFE46997CA70AB973CC3730F3EF68</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2742599-x86.msu</td><td class=\"sbody-td\">4635E7BD952943828ED081F8AA5AF53DFE5919A1</td><td class=\"sbody-td\">D9FE16AD1E71FBCC04AFA1E83ED9A0069C45C34DB8B4B6EAA54EEFB41CCE4F32</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756920-ia64.msu</td><td class=\"sbody-td\">8FD778274FAF79BD0074CBA3FEAE9E635B277608</td><td class=\"sbody-td\">925F8F30B5B2832CAB06CC23F5625615F35D035CBD64D0C0797E63F77676C4FD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756920-x64.msu</td><td class=\"sbody-td\">5B2D0F4E87D2E26B992F992DEC389783170E0732</td><td class=\"sbody-td\">E4AC3B89AC09DD3D661AB9750D5957A8DA5B0FE1A9EF9707C795785BBF3C4A02</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756920-x86.msu</td><td class=\"sbody-td\">2B3BFB12F0655104B874310C2DCE688E2E708D11</td><td class=\"sbody-td\">8C37C8C04854DEAC882AF6DC30DBAE5A994C21D0A2FA8759741584A3609726AB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756921-ia64.msu</td><td class=\"sbody-td\">223EAF83871009C3A6D6A8C3556A9A3C31920E4A</td><td class=\"sbody-td\">901DA0D51C387DAC4C46B02064BE1BCA46CECF13565E75981EFA3D68BB69AB06</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756921-x64.msu</td><td class=\"sbody-td\">3E73B76BBA39160452E2C3EF8FDF134F9D0615C5</td><td class=\"sbody-td\">4E35A5B152D5F4883F47A72A3E73E80EB9021158C748D3E063FA5C3159AA82DC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2756921-x86.msu</td><td class=\"sbody-td\">F502CE7A8F78CB75BDA630955F6E52490D62E591</td><td class=\"sbody-td\">C24B4A4A99A19D13ECF632185139984490C3A3AFC4705514C24327A1CEFA3268</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2742614-arm.msu</td><td class=\"sbody-td\">C4A92529C9316E4EB659018F9C7212C48BA71666</td><td class=\"sbody-td\">0041CABFF9AB79725F677F61E5811AE6D5ED2CD7D75679E9AE33DF3ED214340C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2742614-x64.msu</td><td class=\"sbody-td\">575A9CD9A10E630D07BBADED3E648D05A740BA70</td><td class=\"sbody-td\">7FA2C144AC9B16CC2D88E4547B251497C36AE41A70ED5A401A6497603934940C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2742614-x86.msu</td><td class=\"sbody-td\">7552A39FC25758FAC5415C0CC516EF6C233D5F9E</td><td class=\"sbody-td\">0159C7DB08DDC82E95A002F93F4C8101BB47CF81940BB838C9631B1D5F7F8C51</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2742616-x64.msu</td><td class=\"sbody-td\">74932B4311E1EA99058DD68EA91912F9651894FE</td><td class=\"sbody-td\">0E4CADA534F5990D913984ED85292013F8DA81F86ACFDB299C0920BA3F283F33</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2742616-x86.msu</td><td class=\"sbody-td\">8BE34DB52D85909DF71825F08A23283CC43E5B9A</td><td class=\"sbody-td\">9E9D93B71A004B9F5F13A60621E599736DFF4C0C3DCF237D8A4B96D711282E97</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2756923-x64.msu</td><td class=\"sbody-td\">548B09E94040B34009C23244AB5779131DD1DA22</td><td class=\"sbody-td\">0633D5B3EC5415ABA51786DE160FC853F0EF3E904E149DFF4380C06B9DFB8178</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2756923-x86.msu</td><td class=\"sbody-td\">9DFC61816AAE692AF79E88F6A72A948B53AFB95C</td><td class=\"sbody-td\">A17A678FF491909FBB71D87916AB0B3994833844E0F74CA21A1A4F890216F163</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-CHS.exe</td><td class=\"sbody-td\">C39E834EE99D8864A790F30871AE87C2C5675780</td><td class=\"sbody-td\">99995656AC62E98B2F76CD2C85D7F586FB654EA74604148C15872FC799FFFC78</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-CHT.exe</td><td class=\"sbody-td\">31CF1FD295EACED602F30DF9603147CAC8C62574</td><td class=\"sbody-td\">D70469DB6A5B2E438698B3C4D6B3C86E719E3F574A9A48FA0B1C34F5303494C5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-CSY.exe</td><td class=\"sbody-td\">530E05CB8054BD07F5AEEEA92672B86B9B283BBE</td><td class=\"sbody-td\">558F7D6EA52E95123BF963B6538626FB640967A8748B069E91D53139D3F4F6C6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-DEU.exe</td><td class=\"sbody-td\">5333456EAE9CB24164813AAA8DE08185C1F18D28</td><td class=\"sbody-td\">8DBB2ADC2EEEA8FE594E500AD5ED68831A65C7A27B3630C21462BAC3D33F1262</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-ENU.exe</td><td class=\"sbody-td\">489EC592CCFB803A789F94D783C0167EDE788966</td><td class=\"sbody-td\">FD17FA239CAC845367137FE2387576DD9A5594A706AE9701EE680F363B161BD8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-ESN.exe</td><td class=\"sbody-td\">41B4659C7F06BB76B776EE6C6E6E4D781AC376C9</td><td class=\"sbody-td\">0DD236446B110B63131A72908C40FCD5A5BAC9150206FC5B18B3FCD7B8701037</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-FRA.exe</td><td class=\"sbody-td\">90507722E68ECC31622C0BDE1DD3D0FB74F6305E</td><td class=\"sbody-td\">E00A2513922F97F4D7AB34C341089981B6C6AE15EADA6462B7729DBB31F216ED</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-HUN.exe</td><td class=\"sbody-td\">6A2E02BA642C5F759A102D18579F0F493F81DBB0</td><td class=\"sbody-td\">A86BAF3C931097100EEE73905B841103FE64215BCF0223A51FFFF3746D298323</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-ITA.exe</td><td class=\"sbody-td\">1034D99D6FDEC7BBCD6ED02317A82D1DA50EC213</td><td class=\"sbody-td\">CC3D65F17F78DD739F1B49B56B1DF2A8FBDAE861F479FC255A3DA251E6E11B63</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-JPN.exe</td><td class=\"sbody-td\">668505D2710B6F8D45E6246D6F5BA5BACB45BAE8</td><td class=\"sbody-td\">64ED5841D5082937374B2605589495CD676B6A63AFF9629D406BDB94BA4EA7A6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-KOR.exe</td><td class=\"sbody-td\">481F6C0EB4326FABC21CDB6613663FEF430A83A8</td><td class=\"sbody-td\">D1651E6DFCE312292D8BF2884B2F5B442BB80F9730D99E441A85F8A128EAE6AF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-NLD.exe</td><td class=\"sbody-td\">77C7E9379529CDF6AC9C5D9215A4A12E6F084720</td><td class=\"sbody-td\">5B527E4B6256220C53FDF24648AC1BE0713251B736A251A343BA7494191BFAB1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-PLK.exe</td><td class=\"sbody-td\">66BF91E4DE75C8A55E3592091BB2A46CE8D9B67B</td><td class=\"sbody-td\">57C4CE0A0BDF756674B3107CF0C7B92D533673BA02A9659B31A092A40E13D6E9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-PTB.exe</td><td class=\"sbody-td\">B109C7B828A1B0037E7786083AC54EC285945284</td><td class=\"sbody-td\">3197830CCE2E07E9736D8D455364C9F118FEF84CF1449549D366C55DD363A5B7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-PTG.exe</td><td class=\"sbody-td\">D7EA7A63A18803AB512BDC5F4B8561C3E2950B72</td><td class=\"sbody-td\">9579CA402A6357E2C64B45019AB80327C0C2EA18A9FF14A24356DF92E8EF0182</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-RUS.exe</td><td class=\"sbody-td\">D09876458374207D8346CE0A8666C55AFAC70C84</td><td class=\"sbody-td\">CA781756C8E4058DE1FC07F24DF6BD4697916DADDEE09D33D3F1EA8DBB97FC20</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-SVE.exe</td><td class=\"sbody-td\">0BA97DD136122037EEE201C120742C6FA8C2F7A1</td><td class=\"sbody-td\">522D945B1CE8E429590E57848D1B502C563877752BCAA3C5CB2B8F7683C27766</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2742604-x86-TRK.exe</td><td class=\"sbody-td\">F0B57279D2FB87578A9022CE4AF0613334441D3B</td><td class=\"sbody-td\">4DD729A7A229ADBD973CDCFFE807DF0F4568AEB8427C9E7C96E3196B9EFF8AD7</td></tr></table></div></div><br/></span></div></div></div></div><h2></h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Update replacement information</h4>Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.</div><h2></h2><div class=\"kb-notice-section section\"><a class=\"bookmark\" id=\"appliestoproducts\"></a><br/><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">Applies to</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\">This article applies to the following:<ul class=\"sbody-free_list\"><li>Microsoft .NET Framework 4.5 when used with:<ul class=\"sbody-free_list\"><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4 when used with:<ul class=\"sbody-free_list\"><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Microsoft Windows XP Service Pack 3</li><li>Microsoft Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 3.5.1 when used with:<ul class=\"sbody-free_list\"><li>Windows 7</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2</li><li>Windows Server 2008 R2 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 3.5 when used with:<ul class=\"sbody-free_list\"><li>Windows 8</li><li>Windows Server 2012</li></ul></li><li>Microsoft .NET Framework 3.0 Service Pack 2 when used with:<ul class=\"sbody-free_list\"><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 2.0 Service Pack 2 when used with:<ul class=\"sbody-free_list\"><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Microsoft Windows XP Service Pack 3</li><li>Microsoft Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 1.1 Service Pack 1 when used with:<ul class=\"sbody-free_list\"><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows Server 2003 Service Pack 2</li><li>Windows Server 2003 Service Pack 2 x64 Edition</li><li>Windows Server 2003 Service Pack 2 for Itanium Systems</li><li>Windows XP Service Pack 3</li></ul></li><li>Microsoft .NET Framework 1.0 Service Pack 3 when used with:<ul class=\"sbody-free_list\"><li>Windows XP Service Pack 3 Tablet PC Edition </li><li>Windows XP Service Pack 3 Media Center Edition</li></ul></li></ul></div><br/></span></div></div></div></div></body></html>", "modified": "2013-02-08T01:23:18", "id": "KB2769324", "href": "https://support.microsoft.com/en-us/help/2769324/", "published": "2017-01-07T21:39:06", "title": "MS13-004: Vulnerability in the .NET Framework could allow elevation of privilege: January 8, 2013", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-02-01T02:11:42", "bulletinFamily": "scanner", "description": "The remote Windows host is running a version of Microsoft .NET\nFramework that is affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n way the Windows Forms in .NET Framework handle pointers\n to unmanaged memory locations. (CVE-2013-0001)\n\n - A buffer overflow vulnerability in a Windows Form method\n in the .NET Framework exists that could be exploited to\n gain elevated privileges. (CVE-2013-0002)\n\n - A method in the S.DS.P namespace of the .NET Framework is\n affected by a buffer overflow vulnerability which could\n be exploited to gain elevated privileges.\n (CVE-2013-0003)\n\n - The way the .NET Framework validates permissions of\n certain objects in memory has a flaw that could be\n exploited to gain elevated privileges. (CVE-2013-0004).", "modified": "2020-02-02T00:00:00", "id": "SMB_NT_MS13-004.NASL", "href": "https://www.tenable.com/plugins/nessus/63422", "published": "2013-01-09T00:00:00", "title": "MS13-004: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(63422);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2013-0001\",\n \"CVE-2013-0002\",\n \"CVE-2013-0003\",\n \"CVE-2013-0004\"\n );\n script_bugtraq_id(57113, 57114, 57124, 57126);\n script_xref(name:\"MSFT\", value:\"MS13-004\");\n script_xref(name:\"MSKB\", value:\"2742595\");\n script_xref(name:\"MSKB\", value:\"2742596\");\n script_xref(name:\"MSKB\", value:\"2742597\");\n script_xref(name:\"MSKB\", value:\"2742598\");\n script_xref(name:\"MSKB\", value:\"2742599\");\n script_xref(name:\"MSKB\", value:\"2742601\");\n script_xref(name:\"MSKB\", value:\"2742604\");\n script_xref(name:\"MSKB\", value:\"2742613\");\n script_xref(name:\"MSKB\", value:\"2742614\");\n script_xref(name:\"MSKB\", value:\"2742616\");\n script_xref(name:\"MSKB\", value:\"2756918\");\n script_xref(name:\"MSKB\", value:\"2756919\");\n script_xref(name:\"MSKB\", value:\"2756920\");\n script_xref(name:\"MSKB\", value:\"2756921\");\n script_xref(name:\"MSKB\", value:\"2756923\");\n script_xref(name:\"IAVA\", value:\"2013-A-0006\");\n\n script_name(english:\"MS13-004: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)\");\n script_summary(english:\"Checks file versions\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The version of the .NET Framework installed on the remote host is\naffected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Windows host is running a version of Microsoft .NET\nFramework that is affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n way the Windows Forms in .NET Framework handle pointers\n to unmanaged memory locations. (CVE-2013-0001)\n\n - A buffer overflow vulnerability in a Windows Form method\n in the .NET Framework exists that could be exploited to\n gain elevated privileges. (CVE-2013-0002)\n\n - A method in the S.DS.P namespace of the .NET Framework is\n affected by a buffer overflow vulnerability which could\n be exploited to gain elevated privileges.\n (CVE-2013-0003)\n\n - The way the .NET Framework validates permissions of\n certain objects in memory has a flaw that could be\n exploited to gain elevated privileges. (CVE-2013-0004).\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-13-004/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-13-005/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2013/Jan/51\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-004\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Microsoft has released a set of patches for the .NET Framework on\nWindows XP, 2003, Vista, 2008, 7, 2008 R2, 8, and 2012.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_framework\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS13-004';\nkbs = make_list(\n '2742595', # verify min versions\n '2742596',\n '2742597',\n '2742598',\n '2742599',\n '2742601',\n '2742604',\n #'2742607', # Not checked\n # Media Center Edition 2005 Service Pack 3 and Tablet PC Edition 2005 Service Pack 3 only\n '2742613',\n '2742614',\n '2742616',\n '2756918',\n '2756919',\n '2756920',\n '2756921',\n '2756923'\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1', win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nif (\"Windows Embedded\" >< productname) exit(0, \"The host is running \"+productname+\" and hence is not affected.\");\n\nrootfile = hotfix_get_systemroot();\nif (!rootfile) exit(1, \"Failed to get the system root.\");\n\nshare = hotfix_path2share(path:rootfile);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\nassembly_dir_30 = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\v3.0\\All Assemblies In\");\nassembly_dir_35 = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\v3.5\\All Assemblies In\");\nRegCloseKey(handle:hklm);\nclose_registry();\n\nvuln = 0;\n\n########## KB2742595 ###########\n# .NET Framework 4.0 #\n# Windows XP SP3, #\n# Windows XP SP2 x64, #\n# Windows 2003 SP2, #\n# Windows Vista SP2, #\n# Windows 7, #\n# Windows Server 2008 SP2, #\n# Windows Server 2008 R2 #\n################################\nmissing = 0;\n# Windows XP SP3\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.1001\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.2001\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows XP SP2 x64 / Server 2003 SP2\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.1001\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.2001\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows Vista SP2 / Server 2008 SP2\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.1001\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Windows.Forms.dll\", version:\"4.0.30319.2001\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows 7 / 2008 R2\nmissing += hotfix_is_vulnerable(os:\"6.1\", file:\"System.Windows.Forms.dll\", version:\"4.0.30319.1001\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", file:\"System.Windows.Forms.dll\", version:\"4.0.30319.2001\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742595\");\nvuln += missing;\n\n######### KB2742596 ###########\n# .NET Framework 2.0 SP2 #\n# Windows XP SP 3, #\n# Server 2003 SP2 #\n###############################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5740\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.3644\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5740\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.3644\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742596\");\nvuln += missing;\n\n########## KB2742597 ###########\n# .NET Framework 1.1 SP 1 #\n# Windows XP, #\n# Windows Server 2003 64-bit, #\n# Vista SP2, #\n# Server 2008 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.1\", arch:\"x86\", sp:3, file:\"System.Web.dll\", version:\"1.1.4322.2502\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", arch:\"x64\", sp:2, file:\"System.Web.dll\", version:\"1.1.4322.2502\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"1.1.4322.2502\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:'2742597');\nvuln += missing;\n\n########## KB2742598 ###########\n# .NET Framework 3.5.1 #\n# Windows 7, #\n# Server 2008 R2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5740\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.4985\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742598\");\nvuln += missing;\n\n########## KB2742599 ###########\n# .NET Framework 3.5.1 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5740\", min_version:\"2.0.50727.5600\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5467\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742599\");\nvuln += missing;\n\n########## KB2742601 ###########\n# .NET Framework 2.0 SP2 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.5740\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Windows.Forms.dll\", version:\"2.0.50727.4235\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742601\");\nvuln += missing;\n\n########## KB2742604 ###########\n# .NET Framework 1.1 SP 1 #\n# Windows Server 2003 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.2\", arch:\"x86\", sp:2, file:\"mscorlib.dll\", version:\"1.1.4322.2502\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:'2742604');\nvuln += missing;\n\n########## KB2742613 ###########\n# .NET Framework 4.5 #\n# Windows Vista SP2, #\n# Server 2008 SP2, #\n# Windows 7 SP1, #\n# Windows 2008 R2 SP1 #\n################################\nmissing = 0;\n# Windows Vista SP2 / Server 2008 SP2\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.dll\", version:\"4.0.30319.18021\", min_version:\"4.0.30319.17900\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.dll\", version:\"4.0.30319.19029\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows 7 SP1 / 2008 R2 SP1\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.dll\", version:\"4.0.30319.18021\", min_version:\"4.0.30319.17900\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.dll\", version:\"4.0.30319.19029\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742613\");\nvuln += missing;\n\n########## KB2742614 ###########\n# .NET Framework 4.0 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.dll\", version:\"4.0.30319.18022\", min_version:\"4.0.30319.17900\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.dll\", version:\"4.0.30319.19030\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742614\");\nvuln += missing;\n\n########## KB2742616 ###########\n# .NET Framework 3.5 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.dll\", version:\"2.0.50727.6401\", min_version:\"2.0.50727.6000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.dll\", version:\"2.0.50727.7005\", min_version:\"2.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2742616\");\nvuln += missing;\n\n######### KB2756918 ###########\n# .NET Framework 3.0 SP2 #\n# Windows XP SP 3, #\n# Server 2003 SP2 #\n###############################\nif (!isnull(assembly_dir_30))\n{\n missing = 0;\n missing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.ServiceModel.dll\", version:\"3.0.4506.4037\", min_version:\"3.0.4506.4000\", path:assembly_dir_30);\n missing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5845\", min_version:\"3.0.4506.5600\", path:assembly_dir_30);\n missing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.ServiceModel.dll\", version:\"3.0.4506.4037\", min_version:\"3.0.4506.4000\", path:assembly_dir_30);\n missing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5845\", min_version:\"3.0.4506.5600\", path:assembly_dir_30);\n\n if (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2756918\");\n vuln += missing;\n}\n\n######### KB2756919 ###########\n# .NET Framework 3.0 SP2 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n###############################\nif (!isnull(assembly_dir_30))\n{\n missing = 0;\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.ServiceModel.dll\", version:\"3.0.4506.4214\", min_version:\"3.0.4506.4000\", path:assembly_dir_30);\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5847\", min_version:\"3.0.4506.5600\", path:assembly_dir_30);\n\n if (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2756919\");\n vuln += missing;\n}\n\n######### KB2756920 ###########\n# .NET Framework 3.5.1 #\n# Windows 7, #\n# Server 2008 R2 #\n###############################\nif (!isnull(assembly_dir_35))\n{\n missing = 0;\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5007\", min_version:\"3.0.4506.4000\", path:assembly_dir_35);\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5846\", min_version:\"3.0.4506.5600\", path:assembly_dir_35);\n\n if (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2756920\");\n vuln += missing;\n}\n\n######### KB2756921 ###########\n# .NET Framework 3.5.1 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n###############################\nif (!isnull(assembly_dir_35))\n{\n missing = 0;\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5452\", min_version:\"3.0.4506.4000\", path:assembly_dir_35);\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.ServiceModel.dll\", version:\"3.0.4506.5846\", min_version:\"3.0.4506.5600\", path:assembly_dir_35);\n\n if (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2756921\");\n vuln += missing;\n}\n\n######### KB2756923 ###########\n# .NET Framework 3.5 #\n# Windows 8, #\n# Server 2012 #\n###############################\nif (!isnull(assembly_dir_35))\n{\n missing = 0;\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.ServiceModel.dll\", version:\"3.0.4506.6401\", min_version:\"3.0.4506.6000\", path:assembly_dir_35);\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.ServiceModel.dll\", version:\"3.0.4506.7005\", min_version:\"3.0.4506.7000\", path:assembly_dir_35);\n\n if (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2756923\");\n vuln += missing;\n}\n\nif(vuln > 0)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:11:19", "bulletinFamily": "scanner", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-004.", "modified": "2017-02-20T00:00:00", "published": "2013-01-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=902939", "id": "OPENVAS:902939", "title": "Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms13-004.nasl 5365 2017-02-20 13:46:09Z cfi $\n#\n# Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow an attacker to execute arbitrary code\n with the privileges of the currently logged-in user. Failed attacks will\n cause denial-of-service conditions.\n Impact Level: System/Application\";\n\ntag_affected = \"Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0, 3.5, 3.5.1, 4 and 4.5\";\ntag_insight = \"- An error within the System Drawing namespace of Windows Forms when handling\n pointers can be exploited to bypass CAS (Code Access Security) restrictions\n and disclose information.\n - An error within WinForms when handling certain objects can be exploited to\n cause a buffer overflow.\n - A boundary error within the System.DirectoryServices.Protocols namespace\n when handling objects can be exploited to cause a buffer overflow.\n - A double construction error within the framework does not validate object\n permissions and can be exploited via a specially crafted XAML Browser\n Application (XBAP) or an untrusted .NET application.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms13-004\";\ntag_summary = \"This host is missing an important security update according to\n Microsoft Bulletin MS13-004.\";\n\nif(description)\n{\n script_id(902939);\n script_version(\"$Revision: 5365 $\");\n script_cve_id(\"CVE-2013-0001\", \"CVE-2013-0002\", \"CVE-2013-0003\", \"CVE-2013-0004\");\n script_bugtraq_id(57124, 57126, 57114, 57113);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 14:46:09 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-09 10:02:42 +0530 (Wed, 09 Jan 2013)\");\n script_name(\"Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51777/\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2769324\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742613\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742595\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2756921\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2756920\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742599\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742598\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2756919\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2756918\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742601\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742596\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742597\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742604\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2742607\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-004\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\nkey = \"\";\nitem = \"\";\npath = \"\";\ndllVer = \"\";\ndllv3 = \"\";\n\n## Check for OS and Service Pack\nif(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3, winVista:3,\n win7:2, win7x64:2, win2008:3, win2008r2:2) <= 0){\n exit(0);\n}\n\n## Confirm .NET\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\n## Try to Get Version\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(path && \"\\Microsoft.NET\\Framework\" >< path)\n {\n ## Get version from System.dll file\n dllVer = fetch_file_version(sysPath:path, file_name:\"System.dll\");\n if(dllVer)\n {\n ## .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008,\n ## Windows 7 and and Windows Server 2008 R2\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1000\")||\n version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2000\"))\n {\n security_message(0);\n exit(0);\n }\n\n ## .NET Framework 4.5 on Windows 7 SP1 and Windows Server 2008 R2 SP 1\n ## Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18020\")||\n version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19028\")))\n {\n security_message(0);\n exit(0);\n }\n\n ## .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.5000\", test_version2:\"2.0.50727.5466\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5600\", test_version2:\"2.0.50727.5739\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4984\")))\n {\n security_message(0);\n exit(0);\n }\n\n ## .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4234\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5700\", test_version2:\"2.0.50727.5739\")))\n {\n security_message(0);\n exit(0);\n }\n\n ## .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003\n if((hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3643\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5700\", test_version2:\"2.0.50727.5739\")))\n {\n security_message(0);\n exit(0);\n }\n\n ## .NET Framework 1.1 Service Pack 1 on Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008\n if((hotfix_check_sp(xp:4, win2003:3, win2003x64:3, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2501\")))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n\n## Microsoft .NET Framework 1.1 Service Pack 1 when used with\n## Windows Server 2003 Service Pack 2\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(\"\\Microsoft.NET\\Framework\" >< path)\n {\n ## Get version from mscorlib.dll file\n dllVer = fetch_file_version(sysPath:path, file_name:\"mscorlib.dll\");\n if(dllVer)\n {\n ## Windows XP and Windows 2003\n if(hotfix_check_sp(win2003:3) > 0)\n {\n ## Microsoft .NET Framework 1.1 Service Pack 1\n if(version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2501\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n }\n}\n\n## Get .NET Framework 3.0 Service Pack 2 Version\nkey = \"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\v3.0\";\nif(registry_key_exists(key:key))\n{\n path = registry_get_sz(key:key, item:\"All Assemblies In\");\n if(path){\n dllv3 = fetch_file_version(sysPath:path, file_name:\"system.identitymodel.dll\");\n }\n}\n\n## .NET Framework 3.0 Service Pack 2 on Windows XP and Windows Server 2003\nif(dllv3 && (hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.4000\", test_version2:\"3.0.4506.4036\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5844\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## .NET Framework 3.0 Service Pack 2 on Windows Vista and Windows Server 2008\nif(dllv3 && (hotfix_check_sp(winVista:3, win2008:3) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.4000\", test_version2:\"3.0.4506.4213\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5846\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2\nif(dllv3 && (hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.5400\", test_version2:\"3.0.4506.5451\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5800\", test_version2:\"3.0.4506.5845\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5006\")){\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-02-05T18:42:08", "bulletinFamily": "scanner", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-004.", "modified": "2020-02-05T00:00:00", "published": "2013-01-09T00:00:00", "id": "OPENVAS:1361412562310902939", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902939", "title": "Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902939\");\n script_version(\"2020-02-05T07:55:56+0000\");\n script_cve_id(\"CVE-2013-0001\", \"CVE-2013-0002\", \"CVE-2013-0003\", \"CVE-2013-0004\");\n script_bugtraq_id(57124, 57126, 57114, 57113);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 07:55:56 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-01-09 10:02:42 +0530 (Wed, 09 Jan 2013)\");\n script_name(\"Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2769324\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742613\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742595\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2756921\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2756920\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742599\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742598\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2756919\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2756918\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742601\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742596\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742597\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742604\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2742607\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-004\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to execute arbitrary code\n with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0, 3.5, 3.5.1, 4 and 4.5\");\n\n script_tag(name:\"insight\", value:\"- An error within the System Drawing namespace of Windows Forms when handling\n pointers can be exploited to bypass CAS (Code Access Security) restrictions and disclose information.\n\n - An error within WinForms when handling certain objects can be exploited to\n cause a buffer overflow.\n\n - A boundary error within the System.DirectoryServices.Protocols namespace\n when handling objects can be exploited to cause a buffer overflow.\n\n - A double construction error within the framework does not validate object\n permissions and can be exploited via a specially crafted XAML Browser\n Application (XBAP) or an untrusted .NET application.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-004.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3, winVista:3,\n win7:2, win7x64:2, win2008:3, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key))\n exit(0);\n\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(path && \"\\Microsoft.NET\\Framework\" >< path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"System.dll\");\n if(dllVer)\n {\n # .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1000\")||\n version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2000\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n\n # .NET Framework 4.5 on Windows 7 SP1, Windows Server 2008 R2 SP 1, Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18020\")||\n version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19028\")))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n\n # .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.5000\", test_version2:\"2.0.50727.5466\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5600\", test_version2:\"2.0.50727.5739\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4984\")))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n\n # .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4234\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5700\", test_version2:\"2.0.50727.5739\")))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n\n # .NET Framework 2.0 Service Pack 2 on Windows XP and Windows Server 2003\n if((hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3643\")||\n version_in_range(version:dllVer, test_version:\"2.0.50727.5700\", test_version2:\"2.0.50727.5739\")))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n\n # .NET Framework 1.1 Service Pack 1 on Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008\n if((hotfix_check_sp(xp:4, win2003:3, win2003x64:3, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2501\")))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\n# .NET Framework 1.1 Service Pack 1 when used with\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(\"\\Microsoft.NET\\Framework\" >< path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"mscorlib.dll\");\n if(dllVer)\n {\n if(hotfix_check_sp(win2003:3) > 0)\n {\n # .NET Framework 1.1 Service Pack 1\n if(version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2501\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\nkey = \"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\v3.0\";\nif(registry_key_exists(key:key))\n{\n path = registry_get_sz(key:key, item:\"All Assemblies In\");\n if(path){\n dllv3 = fetch_file_version(sysPath:path, file_name:\"system.identitymodel.dll\");\n }\n}\n\n# .NET Framework 3.0 Service Pack 2 on Windows XP and Windows Server 2003\nif(dllv3 && (hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.4000\", test_version2:\"3.0.4506.4036\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5844\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\n# .NET Framework 3.0 Service Pack 2 on Windows Vista and Windows Server 2008\nif(dllv3 && (hotfix_check_sp(winVista:3, win2008:3) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.4000\", test_version2:\"3.0.4506.4213\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5846\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\n# .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2\nif(dllv3 && (hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0))\n{\n if(version_in_range(version:dllv3, test_version:\"3.0.4506.5400\", test_version2:\"3.0.4506.5451\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5800\", test_version2:\"3.0.4506.5845\") ||\n version_in_range(version:dllv3, test_version:\"3.0.4506.5000\", test_version2:\"3.0.4506.5006\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "description": "Print spooler service code execution, XML library integer overflow and memory corruption, multiple .Net vulnerabilities, Win32K privilege escalation SSL/TLS library protection bypass, Open Data Protocol DoS.", "modified": "2013-01-10T00:00:00", "published": "2013-01-10T00:00:00", "id": "SECURITYVULNS:VULN:12817", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12817", "title": "Microsoft Windows multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
