Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.SMB_NT_MS13-022.NASL
HistoryMar 12, 2013 - 12:00 a.m.

MS13-022: Vulnerability in Microsoft Silverlight Could Allow Remote Code Execution (2814124)

2013-03-1200:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
51
JSON

The version of Microsoft Silverlight installed on the remote host reportedly incorrectly checks a memory pointer when rendering an HTML object, which could allow a specially crafted application to access memory in an unsafe fashion.

If an attacker could trick a user on the affected system into visiting a website hosting a malicious Silverlight application, the attacker could leverage this vulnerability to execute arbitrary code on the affected system, subject to the user’s privileges.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(65211);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/25");

  script_cve_id("CVE-2013-0074");
  script_bugtraq_id(58327);
  script_xref(name:"MSFT", value:"MS13-022");
  script_xref(name:"MSKB", value:"2814124");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/15");

  script_name(english:"MS13-022: Vulnerability in Microsoft Silverlight Could Allow Remote Code Execution (2814124)");

  script_set_attribute(attribute:"synopsis", value:
"A browser enhancement on the remote Windows host could allow arbitrary
code execution.");
  script_set_attribute(attribute:"description", value:
"The version of Microsoft Silverlight installed on the remote host
reportedly incorrectly checks a memory pointer when rendering an HTML
object, which could allow a specially crafted application to access
memory in an unsafe fashion.

If an attacker could trick a user on the affected system into visiting a
website hosting a malicious Silverlight application, the attacker could
leverage this vulnerability to execute arbitrary code on the affected
system, subject to the user's privileges.");
  script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-022");
  script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Silverlight 5.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0074");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:silverlight");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("smb_hotfixes.nasl", "silverlight_detect.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}


include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");


get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS13-022';
kb = "2814124";

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit("SMB/Registry/Enumerated");

# Silverlight 5.x
ver = get_kb_item("SMB/Silverlight/Version");
fix = '5.1.20125.0';

if (!isnull(ver) && ver =~ '^5\\.' && ver_compare(ver:ver, fix:fix) == -1)
{
  path = get_kb_item("SMB/Silverlight/Path");
  report +=
    '\n  Product           : Microsoft Silverlight' +
    '\n  Path              : ' + path +
    '\n  Installed version : ' + ver +
    '\n  Fixed version     : ' + fix + '\n';
  hotfix_add_report(report, bulletin:bulletin, kb:kb);

  set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows
microsoftsilverlightcpe:/a:microsoft:silverlight

Related

threatpost 4
cisa_kev 1
seebug 1
symantec 1
metasploit 1
securityvulns 3
zdt 3
nessus 1
openvas 4
attackerkb 1
prion 1
cve 1
checkpoint_advisories 1
packetstorm 1
thn 1
exploitdb 2
avleonov 1
qualysblog 1
threatpost
threatpost
Blackhole and Cool Exploit Kits Nearly Extinct
2013-11-26 11:19:11
Critical IE, Windows Kernel Flaws Patched
2013-03-12 18:28:50
Exploit Kit Adds Vector for Silverlight Vulnerability
2013-11-19 15:24:15
cisa_kev
cisa_kev
Microsoft Silverlight Double Dereference Vulnerability
2022-05-25 00:00:00
seebug
seebug
MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
2014-07-01 00:00:00
symantec
symantec
Microsoft Silverlight Double Deference CVE-2013-0074 Remote Code Execution Vulnerability
2013-03-12 00:00:00
metasploit
metasploit
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
2013-11-22 22:41:56
securityvulns
securityvulns
Microsoft Silverlight code execution
2013-03-13 00:00:00
Microsoft Silverlight information leakage
2013-11-05 00:00:00
[PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / Memory Disclosure
2013-11-05 00:00:00
zdt
zdt
MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
2013-11-27 00:00:00
Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
2013-11-26 00:00:00
Microsoft Silverlight - ScriptObject Unsafe Memory Access (MS13-022/MS13-087) Exploit
2017-03-23 00:00:00
nessus
nessus
MS13-022: Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) (Mac OS X)
2013-03-12 00:00:00
openvas
openvas
Microsoft Silverlight Remote Code Execution Vulnerability (2814124)
2013-03-13 00:00:00
Microsoft Silverlight Remote Code Execution Vulnerability-2814124 (Mac OS X)
2013-03-13 00:00:00
Microsoft Silverlight Remote Code Execution Vulnerability (2814124) - Mac OS X
2013-03-13 00:00:00
attackerkb
attackerkb
CVE-2013-0074
2013-03-13 00:00:00
prion
prion
Double free
2013-03-13 00:55:00
cve
cve
CVE-2013-0074
2013-03-13 00:55:00
checkpoint_advisories
checkpoint_advisories
Microsoft Silverlight Pointer Dereference Memory Corruption (MS13-022; CVE-2013-0074; CVE-2013-3896)
2013-04-02 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
2013-11-26 00:00:00
thn
thn
Netflix Users Targeted by Microsoft Silverlight Exploits
2014-05-21 01:59:00
exploitdb
exploitdb
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit)
2013-11-27 00:00:00
Microsoft Silverlight - ScriptObject Unsafe Memory Access (MS13-022/MS13-087) (Metasploit)
2013-03-12 00:00:00
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42
qualysblog
qualysblog
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
JSON
Related for SMB_NT_MS13-022.NASL
threatpost4cisa_kev1seebug1symantec1metasploit1securityvulns3zdt3nessus1openvas4attackerkb1prion1cve1checkpoint_advisories1packetstorm1thn1exploitdb2avleonov1qualysblog1