CVE-2013-5058

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 versions Gold through R2

Description The issue allows local users to gain privileges via a crafted application. A denial of service condition exists due to improper handling of objects in memory by the Win32k.sys kernel-mode driver, which could cause the target system to stop responding.

Recommendations For Microsoft Windows XP versions SP2 through SP3, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows Server 2003 version SP2, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows Vista version SP2, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows Server 2008 versions SP2 through R2 SP1, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows 7 version SP1, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows 8, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows 8.1, apply the patch to fix the integer overflow in the kernel-mode drivers. For Microsoft Windows Server 2012 versions Gold through R2, apply the patch to fix the integer overflow in the kernel-mode drivers.