Executive Summary

Summary
TitleVulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
Informations
NameMS13-096First vendor Publication2013-12-10
VendorMicrosoftLast vendor Modification2013-12-20
Severity (Vendor) VersionRevision1.2

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V1.2 (December 20, 2013): Revised the Based on the configuration of my system, how do I know if my system is affected? Update FAQ to include the updates that are applicable for each configuration. This is an informational change only.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows, Microsoft Office, and Microsoft Lync. The vulnerability could allow remote code execution if a user views content that contains specially crafted TIFF files.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS13-096

CWE : Common Weakness Enumeration

%idName
100 %CWE-94Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21019
 
Oval ID: oval:org.mitre.oval:def:21019
Title: Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2013-3906) - MS13-096
Description: GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
Family: windows Class: vulnerability
Reference(s): CVE-2013-3906
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010
Microsoft Word Viewer
Microsoft Excel Viewer 2007
Microsoft PowerPoint Viewer 2010
Microsoft Lync 2010
Microsoft Lync Basic 2013
Microsoft Lync 2010 Attendee
Microsoft Office Compatibility Pack
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application5
Application2
Application6
Os3
Os2

ExploitDB Exploits

idDescription
2013-12-03Microsoft Tagged Image File Format (TIFF) Integer Overflow

Information Assurance Vulnerability Management (IAVM)

DateDescription
2013-12-12IAVM : 2013-A-0225 - Microsoft GDI Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0042593

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28526 - Revision : 8 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28525 - Revision : 8 - Type : FILE-OFFICE
2014-01-10Microsoft GDI library TIFF handling memory corruption attempt
RuleID : 28488 - Revision : 3 - Type : OS-WINDOWS
2014-01-10Microsoft GDI library TIFF handling memory corruption attempt
RuleID : 28487 - Revision : 3 - Type : OS-WINDOWS
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28473 - Revision : 8 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28472 - Revision : 8 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28471 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28470 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28469 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28468 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28467 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28466 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28465 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28464 - Revision : 9 - Type : FILE-OFFICE

Metasploit Database

idDescription
2013-11-05 MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow

Nessus® Vulnerability Scanner

DateDescription
2013-12-11Name : The remote Windows host has a remote code execution vulnerability.
File : smb_nt_ms13-096.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
DateInformations
2016-04-27 02:03:27
  • Multiple Updates
2014-05-06 11:35:11
  • Multiple Updates
2014-05-06 11:32:38
  • Multiple Updates
2014-04-19 00:26:10
  • Multiple Updates
2014-04-19 00:17:53
  • Multiple Updates
2014-04-18 21:28:40
  • Multiple Updates
2014-04-18 21:19:12
  • Multiple Updates
2014-04-18 17:26:26
  • Multiple Updates
2014-04-18 17:18:16
  • Multiple Updates
2014-04-18 13:29:57
  • Multiple Updates
2014-04-18 13:19:12
  • Multiple Updates
2014-04-18 09:27:12
  • Multiple Updates
2014-04-18 09:18:35
  • Multiple Updates
2014-04-18 05:28:04
  • Multiple Updates
2014-04-18 05:19:38
  • Multiple Updates
2014-04-18 00:26:23
  • Multiple Updates
2014-04-18 00:18:01
  • Multiple Updates
2014-04-17 21:26:02
  • Multiple Updates
2014-04-17 21:18:59
  • Multiple Updates
2014-04-17 17:26:40
  • Multiple Updates
2014-04-17 17:18:09
  • Multiple Updates
2014-04-17 13:29:35
  • Multiple Updates
2014-04-17 13:19:17
  • Multiple Updates
2014-04-17 09:07:48
  • Multiple Updates
2014-02-17 11:47:52
  • Multiple Updates
2014-01-19 21:31:00
  • Multiple Updates
2014-01-03 17:19:09
  • Multiple Updates
2013-12-21 05:15:52
  • Multiple Updates
2013-12-13 21:19:30
  • Multiple Updates
2013-12-13 13:23:09
  • Multiple Updates
2013-12-11 05:16:01
  • Multiple Updates
2013-12-10 21:16:26
  • First insertion