CVE-2013-1251
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
19.8%
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:* |
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:* |
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:* |
| microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:* |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
19.8%