Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-1296
HistoryApr 09, 2013 - 10:55 p.m.

CVE-2013-1296

2013-04-0922:55:01
CWE-94
[email protected]
web.nvd.nist.gov
4

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

Low

EPSS

0.923

Percentile

99.0%

JSON

The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a deleted object, and allows remote RDP servers to execute arbitrary code via unspecified vectors that trigger access to a deleted object, aka β€œRDP ActiveX Control Remote Code Execution Vulnerability.”

Affected configurations

Nvd
Node
microsoftremote_desktop_connectionMatch6.1
OR
microsoftremote_desktop_connectionMatch7.0
VendorProductVersionCPE
microsoftremote_desktop_connection6.1cpe:2.3:a:microsoft:remote_desktop_connection:6.1:*:*:*:*:*:*:*
microsoftremote_desktop_connection7.0cpe:2.3:a:microsoft:remote_desktop_connection:7.0:*:*:*:*:*:*:*

Related

openvas 2
securityvulns 1
checkpoint_advisories 1
prion 1
cvelist 1
mskb 1
nessus 1
cve 1
zdi 1
seebug 1
symantec 1
openvas
openvas
Microsoft RDP ActiveX Control Remote Code Execution Vulnerability (2828223)
2013-04-10 00:00:00
Microsoft RDP ActiveX Control Remote Code Execution Vulnerability (2828223)
2013-04-10 00:00:00
securityvulns
securityvulns
Microsoft Remote Desktop Connection Client ActiveX code execution
2013-04-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows RDP ActiveX Control Remote Code Execution (MS13-029; CVE-2013-1296)
2013-04-09 00:00:00
prion
prion
Remote code execution
2013-04-09 22:55:00
cvelist
cvelist
CVE-2013-1296
2013-04-09 22:00:00
mskb
mskb
MS13-029: Vulnerability in Remote Desktop Client could allow remote code execution: April 9, 2013
2013-04-09 00:00:00
nessus
nessus
MS13-029: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
2013-04-10 00:00:00
cve
cve
CVE-2013-1296
2013-04-09 22:55:01
zdi
zdi
Microsoft Internet Explorer RDP ActiveX Control Remote Code Execution Vulnerability
2013-05-10 00:00:00
seebug
seebug
Microsoft Remote Desktop ActiveXζŽ§δ»ΆθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž(CVE-2013-1296)(MS13-029)
2013-04-11 00:00:00
symantec
symantec
Microsoft Remote Desktop ActiveX Control CVE-2013-1296 Remote Code Execution Vulnerability
2013-04-09 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

Low

EPSS

0.923

Percentile

99.0%

JSON
Related for NVD:CVE-2013-1296
openvas2securityvulns1checkpoint_advisories1prion1cvelist1mskb1nessus1cve1zdi1seebug1symantec1