Detections
Analytics

MS13-036: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2829996)

medium Nessus Plugin ID 65883

Language:

Synopsis

The Windows kernel on the remote host is affected by multiple vulnerabilities.

Description

The Windows kernel on the remote host has the following vulnerabilities :

 - Multiple race condition vulnerabilities exist.
 (CVE-2013-1283, CVE-2013-1292)

 - A font parsing vulnerability exists. (CVE-2013-1291)

 - An NTFS NULL pointer dereference vulnerability exists.
 (CVE-2013-1293)

A local attacker could exploit any of these vulnerabilities to elevate privileges.

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, and 2012.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-036

Plugin Details

Severity: Medium

ID: 65883

File Name: smb_nt_ms13-036.nasl

Version: 1.14

Type: local

Agent: windows

Published: 4/10/2013

Updated: 11/27/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-1293

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/9/2013

Vulnerability Publication Date: 4/9/2013

Exploitable With

Core Impact

Reference Information

CVE: CVE-2013-1283, CVE-2013-1291, CVE-2013-1292, CVE-2013-1293

BID: 58853, 58858, 58859, 58860

MSFT: MS13-036

MSKB: 2808735, 2840149