CVE-2013-3880

2013-10-0914:53:24

CWE-264

[email protected]

web.nvd.nist.gov

cve-2013-3880

microsoft

windows 8

windows server 2012

windows rt

app container

elevation of privilege

vulnerability

kernel-mode drivers

6.3 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.038 Low

EPSS

Percentile

91.8%

JSON

The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to bypass intended access restrictions and obtain sensitive information from a different container via a Trojan horse application, aka “App Container Elevation of Privilege Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_8Match--x64

microsoftwindows_8Match--x86

microsoftwindows_rtMatch-

microsoftwindows_server_2012Match-

CPENameOperatorVersion
microsoft:windows_8microsoft windows 8eq-
microsoft:windows_rtmicrosoft windows rteq-
microsoft:windows_server_2012microsoft windows server 2012eq-