Lucene search

[email protected]CVE-2013-3182

HistoryAug 14, 2013 - 11:10 a.m.

CVE-2013-3182

2013-08-1411:10:36

CWE-119

[email protected]

web.nvd.nist.gov

windows nat

winnat

microsoft

windows server 2012

vulnerability

denial of service

crafted packets

nvd

cve-2013-3182

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.347 Low

EPSS

Percentile

97.1%

JSON

The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka “Windows NAT Denial of Service Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_server_2012Match-

CPENameOperatorVersion
microsoft:windows_server_2012microsoft windows server 2012eq-

CPE	Name	Operator	Version
microsoft:windows_server_2012	microsoft windows server 2012	eq	-

References

www.us-cert.gov/ncas/alerts/TA13-225A

docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-064

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18199

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.347 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2013-3182

openvas2 cvelist1 nvd1 nessus1 symantec1 prion1 checkpoint_advisories1 securityvulns1