PT-2013-4166 · Microsoft · Windows Vista+6
J00Ru
+1
·
Published
2013-06-11
·
Updated
2019-02-26
·
CVE-2013-3136
CVSS v2.0
4.4
Medium
| Vector | AV:L/AC:M/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Windows XP version SP3
Windows Server 2003 version SP2
Windows Vista version SP2
Windows Server 2008 version SP2
Windows 7 version SP1
Windows 8 on 32-bit platforms
Description
An issue exists where the Windows kernel does not properly handle objects in memory, allowing local users to obtain sensitive information from kernel memory. This could be achieved via a crafted application.
Recommendations
For Windows XP SP3, update to a newer version to mitigate the risk.
For Windows Server 2003 SP2, update to a newer version to mitigate the risk.
For Windows Vista SP2, update to a newer version to mitigate the risk.
For Windows Server 2008 SP2, update to a newer version to mitigate the risk.
For Windows 7 SP1, update to a newer version to mitigate the risk.
For Windows 8 on 32-bit platforms, update to a newer version to mitigate the risk.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 7
Windows 8
Windows Server 2003
Windows Server 2008
Windows Vista
Windows Xp