Detections
Analytics

MS13-046: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2840221)

high Nessus Plugin ID 66422

Language:

Synopsis

The Windows kernel on the remote host is affected by multiple vulnerabilities.

Description

The Windows kernel on the remote host has the following vulnerabilities :

 - A privilege escalation vulnerability exists in the Microsoft DirectX graphics kernel subsystem.
 (CVE-2013-1332)

 - A privilege escalation vulnerability exists in the Windows kernel-mode driver. (CVE-2013-1333, CVE-2013-1334)

A local attacker could exploit any of these vulnerabilities to elevate privileges.

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, and 2012.

See Also

http://www.nessus.org/u?a23098ff

Plugin Details

Severity: High

ID: 66422

File Name: smb_nt_ms13-046.nasl

Version: 1.14

Type: local

Agent: windows

Published: 5/15/2013

Updated: 11/27/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/14/2013

Vulnerability Publication Date: 5/14/2013

Exploitable With

Core Impact

Reference Information

CVE: CVE-2013-1332, CVE-2013-1333, CVE-2013-1334

BID: 59749, 59750, 59782

MSFT: MS13-046

MSKB: 2829361, 2830290