Lucene search
HistoryNov 29, 2013 - 3:55 p.m.
CVE-2013-6791
microsoft
emet
cve-2013-6791
address predictability
aslr
rop
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.1%
Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack.
Affected configurations
Node
microsoftenhanced_mitigation_experience_toolkitRange≤3.0
Related
nvd
nvd
CVE-2013-6791
2013-11-29 15:55:03
prion
prion
Design/Logic Flaw
2013-11-29 15:55:00
cvelist
cvelist
CVE-2013-6791
2013-11-29 15:00:00
nessus
nessus
Microsoft EMET 3.x >= 3.5 / 4.x < 4.0.4913.26122 ASLR Security Bypass
2013-12-03 00:00:00
openvas
openvas
Microsoft Enhanced Mitigation Experience Toolkit (EMET) ROP Vulnerability
2013-12-03 00:00:00
Microsoft Enhanced Mitigation Experience Toolkit (EMET) ROP Vulnerability
2013-12-03 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.1%
Related for CVE-2013-6791