PT-2013-4198 · Microsoft · Windows Vista+6
Published
2013-07-09
·
Updated
2023-12-07
·
CVE-2013-3172
CVSS v2.0
4.9
Medium
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Windows XP versions SP2 through SP3
Windows Server 2003 version SP2
Windows Vista version SP2
Windows Server 2008 versions SP2 through R2 SP1
Windows 7 version SP1
Description
A denial of service issue exists due to improper handling of objects in memory by the Windows kernel-mode driver. This could allow an attacker to cause the target system to stop responding. The issue is related to a buffer overflow in the win32k.sys driver.
Recommendations
For Windows XP versions SP2 through SP3, update to a newer version to mitigate the risk.
For Windows Server 2003 version SP2, update to a newer version to mitigate the risk.
For Windows Vista version SP2, update to a newer version to mitigate the risk.
For Windows Server 2008 versions SP2 through R2 SP1, update to a newer version to mitigate the risk.
For Windows 7 version SP1, update to a newer version to mitigate the risk.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 7
Windows Server 2003
Windows Server 2008
Windows Vista
Windows Xp
Win32K.Sys