Lucene search

[email protected]CVE-2013-3661

HistoryMay 24, 2013 - 8:55 p.m.

CVE-2013-3661

2013-05-2420:55:01

CWE-22

[email protected]

web.nvd.nist.gov

cve-2013-3661

epathobj

bflatten

win32k.sys

microsoft windows

dos

linked-list

traversal

pathrecord

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.

Affected configurations

NVD

Node

microsoftwindows_7Match-sp1x64

microsoftwindows_7Match-sp1x86

microsoftwindows_8Match--x64

microsoftwindows_8Match--x86

microsoftwindows_rtMatch-

microsoftwindows_server_2003sp2

microsoftwindows_server_2008Match-sp2

microsoftwindows_server_2008Matchr2sp1

microsoftwindows_server_2012Match-

microsoftwindows_vistaMatch-sp2

microsoftwindows_xpsp3

microsoftwindows_xpMatch-sp2x64

CPENameOperatorVersion
microsoft:windows_7microsoft windows 7eq-
microsoft:windows_8microsoft windows 8eq-
microsoft:windows_rtmicrosoft windows rteq-
microsoft:windows_server_2003microsoft windows server 2003eq*
microsoft:windows_server_2008microsoft windows server 2008eq-
microsoft:windows_server_2008microsoft windows server 2008eqr2
microsoft:windows_server_2012microsoft windows server 2012eq-
microsoft:windows_vistamicrosoft windows vistaeq-
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_xpmicrosoft windows xpeq-

CPE	Name	Operator	Version
microsoft:windows_7	microsoft windows 7	eq	-
microsoft:windows_8	microsoft windows 8	eq	-
microsoft:windows_rt	microsoft windows rt	eq	-
microsoft:windows_server_2003	microsoft windows server 2003	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	-
microsoft:windows_server_2008	microsoft windows server 2008	eq	r2
microsoft:windows_server_2012	microsoft windows server 2012	eq	-
microsoft:windows_vista	microsoft windows vista	eq	-
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_xp	microsoft windows xp	eq	-

References

archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html

archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html

secunia.com/advisories/53435

twitter.com/taviso/statuses/335557286657400832

www.computerworld.com/s/article/9239477

www.exploit-db.com/exploits/25611/

www.osvdb.org/93539

www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/

www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for CVE-2013-3661

seebug1 prion2 cvelist1 nvd2 nessus1 cve1