PT-2013-3043 · Microsoft · Windows+2

Published

2013-04-09

Updated

2018-10-12

CVE-2013-1284

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Windows Server versions prior to the fixed version Windows RT versions prior to the fixed version

Description The issue is related to a race condition in the kernel that allows local users to gain privileges via a crafted application. This is due to the improper handling of objects in memory by the Windows kernel. An attacker who successfully exploits this could gain elevated privileges and read arbitrary amounts of kernel memory.

Recommendations For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. For Windows Server versions prior to the fixed version, update to the latest version to resolve the issue. For Windows RT versions prior to the fixed version, update to the latest version to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2013-1284

Affected Products

Windows

Windows Rt

Windows Server

PT-2013-3043 · Microsoft · Windows+2

CVE-2013-1284

Weakness Enumeration

Related Identifiers

Affected Products

References · 6