Lucene search
VUPEN Security [ http://www.vupen.com ]ZDI-13-192HistoryAug 13, 2013 - 12:00 a.m.
(Pwn2Own) Microsoft Windows Shared Data ASLR Security Feature Bypass Vulnerability
2013-08-1300:00:00
VUPEN Security [ http://www.vupen.com ]
www.zerodayinitiative.com
19
0.047 Low
EPSS
Percentile
92.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the existence of KUSER_SHARED_DATA. The issue lies in the ability to predict the address of the structure, which can then be used to leak addresses. An attacker can leverage this to bypass ASLR and DEP on the host.
Related
prion
prion
Security feature bypass
2013-03-11 10:55:00
cvelist
cvelist
CVE-2013-2556
2013-03-11 10:00:00
seebug
seebug
Microsoft Windows ASLR安全绕过漏洞(CVE-2013-2556)
2013-03-20 00:00:00
cve
cve
CVE-2013-2556
2013-03-11 10:55:01
nvd
nvd
CVE-2013-2556
2013-03-11 10:55:01
openvas
openvas
Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)
2013-08-14 00:00:00
Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2859537)
2013-08-14 00:00:00
nessus
nessus
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2013-09-09 00:00:00