Lucene search
AnonymousZDI-13-024HistoryFeb 14, 2013 - 12:00 a.m.
Microsoft Windows OLE Automation Remote Code Execution Vulnerability
2013-02-1400:00:00
Anonymous
www.zerodayinitiative.com
21
0.941 High
EPSS
Percentile
99.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft Common Controls when handling RTF files. A specially crafted length can result in an integer overflow in a value that gets used as a length in a call to SysAllocStringLen. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
checkpoint_advisories
checkpoint_advisories
nessus
nessus
cvelist
cvelist
CVE-2013-1313
2013-02-13 11:00:00
CVE-2013-1306
2013-05-15 01:00:00
nvd
nvd
CVE-2013-1313
2013-02-13 12:04:14
CVE-2013-1306
2013-05-15 03:36:33
openvas
openvas
Microsoft OLE Automation Remote Code Execution Vulnerability (2802968)
2013-02-13 00:00:00
Microsoft OLE Automation Remote Code Execution Vulnerability (2802968)
2013-02-13 00:00:00
cve
cve
CVE-2013-1313
2013-02-13 12:04:14
CVE-2013-1306
2013-05-15 03:36:33
prion
prion
Remote code execution
2013-02-13 12:04:00
Design/Logic Flaw
2013-05-15 03:36:00
mskb
mskb
MS13-037: Cumulative Security Update for Internet Explorer: May 14, 2013
2013-05-14 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2013-03-02 00:00:00