Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows multiple security vulnerabilities
Published:12.06.2013
Source:
SecurityVulns ID:13122
Type:remote
Threat Level:
7/10
Description:Kernel information leakage, drivers DoS, print spooler privilege escalation.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-3138 (Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (system hang) via crafted TCP packets, aka "TCP/IP Integer Overflow Vulnerability.")
 CVE-2013-3136 (The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Kernel Information Disclosure Vulnerability.")
 CVE-2013-1339 (The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability.")
Files:Microsoft Security Bulletin MS13-048 - Important Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
 Microsoft Security Bulletin MS13-049 - Important Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
 Microsoft Security Bulletin MS13-050 - Important Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod