Search...

CVE-2013-0004

2013-01-09T13:09:40

ID CVE-2013-0004
Type cve
Reporter NVD
Modified 2017-09-18T21:35:33

Description

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability."

JSON Vulners Source

Initial Source

{"title": "CVE-2013-0004", "reporter": "NVD", "published": "2013-01-09T13:09:40", "cpe": ["cpe:/a:microsoft:.net_framework:4.0", "cpe:/a:microsoft:.net_framework:3.5.1", "cpe:/a:microsoft:.net_framework:2.0:sp2", "cpe:/a:microsoft:.net_framework:4.5", "cpe:/a:microsoft:.net_framework:3.5", "cpe:/a:microsoft:.net_framework:1.0:sp3", "cpe:/a:microsoft:.net_framework:1.1:sp1"], "cvelist": ["CVE-2013-0004"], "viewCount": 1, "objectVersion": "1.3", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0004", "bulletinFamily": "NVD", "hashmap": [{"hash": "a3e4dc0a6c1bb34f3aeaa21b7142ea74", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "239d96ea6258042cd4e3742a25b46666", "key": "cpe"}, {"hash": "f91b82a45361ebbfb30e1a3ad10d3f15", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "d6eb5749a30c1a85bdccb45a48efc159", "key": "description"}, {"hash": "eeb60813f0a347dca42293290ad1a650", "key": "href"}, {"hash": "b011e8d2262d1685f75101bea17f394c", "key": "modified"}, {"hash": "8eeae3a3cc75081e02cfb9168fe857db", "key": "published"}, {"hash": "bf05df4047994c6a3403a8487a9df466", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "a2beb36361fff60bd1a6d4ceb41ae690", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2013-01-09T13:09:40", "cvelist": ["CVE-2013-0004"], "title": "CVE-2013-0004", "objectVersion": "1.2", "description": "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka \"Double Construction Vulnerability.\"", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0004", "bulletinFamily": "NVD", "id": "CVE-2013-0004", "history": [], "scanner": [], "enchantments": {}, "modified": "2013-11-02T23:29:19", "hash": "9b35af9be58459072a0ca71d26f41e7be33e94b0475d074a3665958f7dcabc0d", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "viewCount": 0, "edition": 1, "cpe": ["cpe:/a:microsoft:.net_framework:4.0", "cpe:/a:microsoft:.net_framework:3.5.1", "cpe:/a:microsoft:.net_framework:2.0:sp2", "cpe:/a:microsoft:.net_framework:4.5", "cpe:/a:microsoft:.net_framework:3.5", "cpe:/a:microsoft:.net_framework:1.0:sp3", "cpe:/a:microsoft:.net_framework:1.1:sp1"], "references": ["http://www.us-cert.gov/cas/techalerts/TA13-008A.html", "http://technet.microsoft.com/security/bulletin/MS13-004"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "239d96ea6258042cd4e3742a25b46666", "key": "cpe"}, {"hash": "d6eb5749a30c1a85bdccb45a48efc159", "key": "description"}, {"hash": "eeb60813f0a347dca42293290ad1a650", "key": "href"}, {"hash": "bf05df4047994c6a3403a8487a9df466", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "f91b82a45361ebbfb30e1a3ad10d3f15", "key": "cvelist"}, {"hash": "a0f53411f7238d8976b9499b939efa31", "key": "assessment"}, {"hash": "a2beb36361fff60bd1a6d4ceb41ae690", "key": "title"}, {"hash": "8eeae3a3cc75081e02cfb9168fe857db", "key": "published"}, {"hash": "0630d5b83db8e19a881ef787ab426272", "key": "modified"}], "lastseen": "2016-09-03T17:48:48", "assessment": {"name": "oval:org.mitre.oval:def:16339", "href": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16339", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}}, "differentElements": ["assessment", "modified"], "edition": 1, "lastseen": "2016-09-03T17:48:48"}], "scanner": [], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "modified": "2017-09-18T21:35:33", "hash": "ec293a5f690d17ba95cfa9b5bb0c1585ddfa4cc1bb415ed76fd078c8c5978a9a", "enchantments": {"vulnersScore": 9.3}, "edition": 2, "description": "Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka \"Double Construction Vulnerability.\"", "references": ["http://www.us-cert.gov/cas/techalerts/TA13-008A.html", "http://technet.microsoft.com/security/bulletin/MS13-004"], "id": "CVE-2013-0004", "lastseen": "2017-09-19T13:38:32", "assessment": {"name": "oval:org.mitre.oval:def:16339", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16339", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}}

{"result": {"symantec": [{"id": "SMNTC-57113", "type": "symantec", "title": "Microsoft .NET Framework CVE-2013-0004 Remote Privilege Escalation Vulnerability", "description": "### Description\n\nThe Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attackers can exploit this issue to gain escalated privileges; this may result in the attacker gaining complete control of the affected system.\n\n### Technologies Affected\n\n * Microsoft .NET Framework 1.0 \n * Microsoft .NET Framework 1.0 SP1 \n * Microsoft .NET Framework 1.0 SP2 \n * Microsoft .NET Framework 1.0 SP3 \n * Microsoft .NET Framework 1.1 \n * Microsoft .NET Framework 1.1 SP1 \n * Microsoft .NET Framework 2.0 SP2 \n * Microsoft .NET Framework 3.5 \n * Microsoft .NET Framework 3.5.1 \n * Microsoft .NET Framework 4.0 \n * Microsoft .NET Framework 4.5 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Implement multiple authentication mechanisms.** \nProvide an additional layer of authentication for sensitive or privileged information. \n\nUpdates are available. Please see the references for more information.\n", "published": "2013-01-08T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/57113", "cvelist": ["CVE-2013-0004"], "lastseen": "2018-03-13T12:07:32"}], "seebug": [{"id": "SSV:60582", "type": "seebug", "title": "Microsoft .NET Framework \u8fdc\u7a0b\u6743\u9650\u63d0\u5347\u6f0f\u6d1e(CVE-2013-0004)", "description": "Bugtraq ID:57113\r\nCVE ID: CVE-2013-0004\r\n\r\nMicrosoft .NET Framework\u662f\u4e00\u5957\u7531Microsoft\u5206\u53d1\u7684\u5e2e\u52a9\u5f00\u53d1\u8005\u6784\u5efa\u57fa\u4e8eWEB\u5e94\u7528\u7684\u7cfb\u7edf\r\n\r\nMicrosoft .NET Framework\u91cc\u5b58\u5728\u7684\u4e00\u4e2a\u4e24\u6b21\u6784\u5efa\u9519\u8bef\u4f1a\u5bfc\u81f4\u4e0d\u6b63\u786e\u9a8c\u8bc1\u5185\u5b58\u4e2d\u67d0\u4e9b\u5bf9\u8c61\u7684\u6743\u9650\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u6784\u5efa\u7279\u5236\u7684XMAL\u6d4f\u89c8\u5668\u5e94\u7528(XBAP)\u6216\u4e0d\u53ef\u4fe1\u7684.Net\u5e94\u7528\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u5b8c\u5168\u63a7\u5236\u5e94\u7528\u7cfb\u7edf\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\r\n0\r\nMicrosoft .NET Framework 3.5.1\r\nMicrosoft .NET Framework 4.0\r\nMicrosoft .NET Framework 3.5\r\nMicrosoft .NET Framework 2.0 SP2\r\nMicrosoft .NET Framework 1.1 SP1\r\nMicrosoft .NET Framework 1.1\r\nMicrosoft .NET Framework 1.0 SP3\r\nMicrosoft .NET Framework 1.0 SP2\r\nMicrosoft .NET Framework 1.0 SP1\r\nMicrosoft .NET Framework 1.0\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6848\r\n\r\n-\u5728Internet Explorer\u4e2d\u7981\u7528XAML\u6d4f\u89c8\u5668\u5e94\u7528\r\n-\u628a\u53ef\u4fe1\u7ad9\u70b9\u6dfb\u52a0\u5230Internet Explorer\u53ef\u4fe1\u57df\u4e2d", "published": "2013-01-10T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-60582", "cvelist": ["CVE-2013-0004"], "lastseen": "2017-11-19T17:48:12"}, {"id": "SSV:60579", "type": "seebug", "title": "Microsoft .NET Framework\u8fdc\u7a0b\u6743\u9650\u63d0\u5347\u6f0f\u6d1e(MS13-004)", "description": "CVE ID: CVE-2013-0004\r\n\r\nMicrosoft .NET Framework\u662f\u4e00\u5957\u7531Microsoft\u5206\u53d1\u7684\u5e2e\u52a9\u5f00\u53d1\u8005\u6784\u5efa\u57fa\u4e8eWEB\u5e94\u7528\u7684\u7cfb\u7edf\u3002\r\nMicrosoft .NET Framework\u91cc\u5b58\u5728\u7684\u4e00\u4e2a\u4e24\u6b21\u6784\u5efa\u9519\u8bef\u4f1a\u5bfc\u81f4\u4e0d\u6b63\u786e\u9a8c\u8bc1\u5185\u5b58\u4e2d\u67d0\u4e9b\u5bf9\u8c61\u7684\u6743\u9650\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u6784\u5efa\u7279\u5236\u7684XMAL\u6d4f\u89c8\u5668\u5e94\u7528(XBAP)\u6216\u4e0d\u53ef\u4fe1\u7684.Net\u5e94\u7528\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u5b8c\u5168\u63a7\u5236\u5e94\u7528\u7cfb\u7edf\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nMicrosoft .NET Framework 3.5.1\r\nMicrosoft .NET Framework 4.0\r\nMicrosoft .NET Framework 3.5\r\nMicrosoft .NET Framework 2.0 SP2\r\nMicrosoft .NET Framework 1.1 SP1\r\nMicrosoft .NET Framework 1.1\r\nMicrosoft .NET Framework 1.0 SP3\r\nMicrosoft .NET Framework 1.0 SP2\r\nMicrosoft .NET Framework 1.0 SP1\r\nMicrosoft .NET Framework 1.0\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6848\r\n\r\n-\u5728Internet Explorer\u4e2d\u7981\u7528XAML\u6d4f\u89c8\u5668\u5e94\u7528\r\n-\u628a\u53ef\u4fe1\u7ad9\u70b9\u6dfb\u52a0\u5230Internet Explorer\u53ef\u4fe1\u57df\u4e2d", "published": "2013-01-10T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-60579", "cvelist": ["CVE-2013-0004"], "lastseen": "2017-11-19T17:47:49"}], "openvas": [{"id": "OPENVAS:902939", "type": "openvas", "title": "Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-004.", "published": "2013-01-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902939", "cvelist": ["CVE-2013-0002", "CVE-2013-0001", "CVE-2013-0004", "CVE-2013-0003"], "lastseen": "2017-07-02T21:11:19"}, {"id": "OPENVAS:1361412562310902939", "type": "openvas", "title": "Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-004.", "published": "2013-01-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902939", "cvelist": ["CVE-2013-0002", "CVE-2013-0001", "CVE-2013-0004", "CVE-2013-0003"], "lastseen": "2018-04-06T11:23:14"}], "nessus": [{"id": "SMB_NT_MS13-004.NASL", "type": "nessus", "title": "MS13-004: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)", "description": "The remote Windows host is running a version of Microsoft .NET Framework that is affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability exists in the way the Windows Forms in .NET Framework handle pointers to unmanaged memory locations. (CVE-2013-0001)\n\n - A buffer overflow vulnerability in a Windows Form method in the .NET Framework exists that could be exploited to gain elevated privileges. (CVE-2013-0002)\n\n - A method in the S.DS.P namespace of the .NET Framework is affected by a buffer overflow vulnerability which could be exploited to gain elevated privileges.\n (CVE-2013-0003)\n\n - The way the .NET Framework validates permissions of certain objects in memory has a flaw that could be exploited to gain elevated privileges. (CVE-2013-0004).", "published": "2013-01-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63422", "cvelist": ["CVE-2013-0002", "CVE-2013-0001", "CVE-2013-0004", "CVE-2013-0003"], "lastseen": "2017-10-29T13:45:10"}]}}