CVE-2013-1342

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k...

PT-2013-3096 · Microsoft · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 and R2 SP1 Windows 7 version SP1 Windows 8 affected versions not specified Description: The issue allows local users to...

PT-2013-4700 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 and R2 SP1 Windows 7 version SP1 Windows 8 Windows Server 2012 Windows RT Description: An issue exists in the Windows...

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1342 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...

August 2013 Security Bulletin Webcast, Q&A, and Slide Deck

Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server MS13-061 and Windows Kernel MS13-063. There were 3 additional questions...

Memory corruption

The NT Virtual DOS Machine NTVDM subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)

This host is missing an important security update according to Microsoft Bulletin MS13-063. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation

Due to a problem with isolating window broadcast messages in the Windows kernel, an attacker can broadcast commands from a lower Integrity Level process to a higher Integrity Level process, thereby effecting a privilege escalation. This issue affects Windows Vista, 7, 8, Server 2008, Server 2008...

PT-2013-4199 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsof...

PT-2013-4198 · Microsoft · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 through R2 SP1 Windows 7 version SP1 Description: A denial of service issue exists due to improper handling of...

July 2013 Microsoft Patch Tuesday Security Updates

A critical Windows kernel vulnerability, publicly disclosed in May by a Google security engineer, will be patched tomorrow when Microsoft releases its July Patch Tuesday security updates. Tavis Ormandy, who has controversially disclosed Windows vulnerability details in the past, made a posting to...

PT-2013-4168 · Microsoft · Windows Server 2012 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to an integer overflow in the TCP/IP kernel-mode driver, which allows remote attackers to cause a denial of service, resulting in a system hang, via craft...

MS13-048: Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

The remote host contains a flaw in the way the Windows kernel handles certain page fault system calls. Successful exploitation could allow disclosure of kernel memory, which could aid in further attacks. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66864;...

Microsoft HTTP.SYS Remote Denial of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of IIS. No user interaction is required to exploit this vulnerability. The specific flaw exists within handling of HTTP headers in the Windows kernel. By providing a duplicate of a...

MS13-046: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2840221)

The Windows kernel on the remote host has the following vulnerabilities : - A privilege escalation vulnerability exists in the Microsoft DirectX graphics kernel subsystem. CVE-2013-1332 - A privilege escalation vulnerability exists in the Windows kernel-mode driver. CVE-2013-1333, CVE-2013-1334 A...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2840221)

This host is missing an important security update according to Microsoft Bulletin MS13-046. OpenVAS Vulnerability Test $Id: secpodms13-046.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2840221 Authors: Arun Kallavi Copyright:...

MS13-031: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)

The Windows kernel on the remote host is affected by multiple race condition vulnerabilities, when the Windows kernel improperly handles objects in memory. A local attacker could exploit any of these vulnerabilities to elevate privileges. C Tenable Network Security, Inc. include"compat.inc"; if...

Microsoft flaw allows USB loaded with payload to bypass security controls

During March Patch Tuesday of 2013, Microsoft released seven new security bulletins, with four rated as critical, and others as Important. Most interesting one was MS13-027, which is rated as "important" because the attack requires physical access to the vulnerable machine. This flaw allows anyon...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2807986)

This host is missing an important security update according to Microsoft Bulletin MS13-027. OpenVAS Vulnerability Test $Id: secpodms13-027.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2807986 Authors: Arun Kallavi Copyright:...

CVE-2013-1278

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that...