Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-23-573
HistoryMay 10, 2023 - 12:00 a.m.

Microsoft Windows PE Parsing Integer Overflow Denial-of-Service Vulnerability

2023-05-1000:00:00
Anonymous
www.zerodayinitiative.com
23
microsoft
windows
pe
parsing
integer overflow
denial-of-service
remote attackers
user interaction
relocation tables
validation
user-supplied data
integer overflow
persistent condition.

EPSS

0.001

Percentile

23.6%

JSON

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of relocation tables in PE files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when performing a bounds check before reading from memory. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system.

Related

mscve 1
nvd 1
cvelist 1
prion 1
cve 1
talosblog 1
qualysblog 1
nessus 5
mskb 6
openvas 2
kaspersky 1
rapid7blog 1
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2023-05-09 07:00:00
nvd
nvd
CVE-2023-24949
2023-05-09 18:15:13
cvelist
cvelist
CVE-2023-24949 Windows Kernel Elevation of Privilege Vulnerability
2023-05-09 17:02:59
prion
prion
Privilege escalation
2023-05-09 18:15:00
cve
cve
CVE-2023-24949
2023-05-09 18:15:13
talosblog
talosblog
Microsoft Patch Tuesday for May 2023 β€” Fewest vulnerabilities disclosed in a month in three-plus years
2023-05-09 17:47:29
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
nessus
nessus
KB5026370: Windows 2022 / Azure Stack HCI 22H2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026372: Windows 11 version 22H2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026362: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2023)
2023-05-09 00:00:00
mskb
mskb
May 9, 2023β€”Hotpatch KB5026456 (OS Build 20348.1724)
2023-05-09 07:00:00
May 9, 2023β€”KB5026362 (OS Build 17763.4377)
2023-05-09 07:00:00
May 9, 2023β€”KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)
2023-05-09 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5026368)
2023-07-19 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026361)
2023-05-10 00:00:00
kaspersky
kaspersky
KLA49154 Multiple vulnerabilities in Microsoft Windows
2023-05-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02

EPSS

0.001

Percentile

23.6%

JSON
Related for ZDI-23-573
mscve1nvd1cvelist1prion1cve1talosblog1qualysblog1nessus5mskb6openvas2kaspersky1rapid7blog1