Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name TA13-134A First vendor Publication 2013-05-14
Vendor US-CERT Last vendor Modification 2013-05-14
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Overview

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.


Description


The Microsoft Security Bulletin Summary for May 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities.


Impact


A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.


Solution


Apply Updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for May 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.


Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA13-134A.html

CWE : Common Weakness Enumeration

% Id Name
30 % CWE-416 Use After Free
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13 % CWE-20 Improper Input Validation
10 % CWE-94 Failure to Control Generation of Code ('Code Injection')
7 % CWE-399 Resource Management Errors
7 % CWE-200 Information Exposure
7 % CWE-189 Numeric Errors (CWE/SANS Top 25)
3 % CWE-287 Improper Authentication
3 % CWE-264 Permissions, Privileges, and Access Controls
3 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15830
 
Oval ID: oval:org.mitre.oval:def:15830
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-3140) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-3140
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15952
 
Oval ID: oval:org.mitre.oval:def:15952
Title: Vulnerability in Lync Could Allow Remote Code Execution - MS13-041
Description: Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1302
Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Microsoft Communicator 2007 R2
Microsoft Lync 2010
Microsoft Lync 2010 Attendee
Microsoft Lync Server 2013
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15979
 
Oval ID: oval:org.mitre.oval:def:15979
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-0811) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0811
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16088
 
Oval ID: oval:org.mitre.oval:def:16088
Title: Vulnerability in HTTP.sys could allow denial of service - MS13-039
Description: HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1305
Version: 3
Platform(s): Microsoft Windows 8
Microsoft Windows Server 2012
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16091
 
Oval ID: oval:org.mitre.oval:def:16091
Title: Win32k Window Handle Vulnerability - MS13-046
Description: win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1334
Version: 4
Platform(s): Microsoft Windows XP
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16204
 
Oval ID: oval:org.mitre.oval:def:16204
Title: Vulnerability in Windows Essentials Could Allow Information Disclosure - MS13-045
Description: Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0096
Version: 3
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Windows Essentials 2012
Microsoft Windows Essentials 2011
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16229
 
Oval ID: oval:org.mitre.oval:def:16229
Title: Word Shape Corruption Vulnerability - MS13-043
Description: Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1335
Version: 9
Platform(s): Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Office 2003
Microsoft Office Word Viewer
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16317
 
Oval ID: oval:org.mitre.oval:def:16317
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-2551) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2551
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16328
 
Oval ID: oval:org.mitre.oval:def:16328
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1312) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1312
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16332
 
Oval ID: oval:org.mitre.oval:def:16332
Title: DirectX Graphics Kernel Subsystem Double Fetch Vulnerability - MS13-046
Description: dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1332
Version: 6
Platform(s): Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16355
 
Oval ID: oval:org.mitre.oval:def:16355
Title: Signed integer vulnerability in Microsoft Publisher - MS13-042
Description: Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1327
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16396
 
Oval ID: oval:org.mitre.oval:def:16396
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1309) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1309
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16398
 
Oval ID: oval:org.mitre.oval:def:16398
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1306) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1306
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16415
 
Oval ID: oval:org.mitre.oval:def:16415
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1308) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and CVE-2013-2551.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1308
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16518
 
Oval ID: oval:org.mitre.oval:def:16518
Title: JSON Array Information Disclosure Vulnerability - (CVE-2013-1297) MS13-037
Description: Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1297
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16525
 
Oval ID: oval:org.mitre.oval:def:16525
Title: Return value validation vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1321
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16548
 
Oval ID: oval:org.mitre.oval:def:16548
Title: Integer overflow vulnerability in Microsoft Publisher - MS13-042
Description: Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1317
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16554
 
Oval ID: oval:org.mitre.oval:def:16554
Title: Buffer underflow vulnerability in Microsoft Publisher - CVE-2013-1329 - MS13-042
Description: Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1329
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16559
 
Oval ID: oval:org.mitre.oval:def:16559
Title: Microsoft .NET Framework Common Language Runtime spoofing vulnerability - (CVE-2013-1336) MS13-040
Description: The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote attackers to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka "XML Digital Signature Spoofing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1336
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16584
 
Oval ID: oval:org.mitre.oval:def:16584
Title: Negative value allocation vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1316
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16650
 
Oval ID: oval:org.mitre.oval:def:16650
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1307) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1307
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16669
 
Oval ID: oval:org.mitre.oval:def:16669
Title: Invalid range check vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check table range data, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Invalid Range Check Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1322
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16682
 
Oval ID: oval:org.mitre.oval:def:16682
Title: Corrupt interface pointer vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1318
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16689
 
Oval ID: oval:org.mitre.oval:def:16689
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1310) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1310
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16727
 
Oval ID: oval:org.mitre.oval:def:16727
Title: Internet Explorer Use After Free Vulnerability - MS13-038
Description: Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1347
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16733
 
Oval ID: oval:org.mitre.oval:def:16733
Title: Incorrect NULL value handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1323
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16738
 
Oval ID: oval:org.mitre.oval:def:16738
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1311) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1311
Version: 9
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16741
 
Oval ID: oval:org.mitre.oval:def:16741
Title: Mircosoft .NET Framework authentication bypass vulnerability - (CVE-2013-1337) MS13-040
Description: Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka "Authentication Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1337
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Microsoft .NET Framework 4.5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16749
 
Oval ID: oval:org.mitre.oval:def:16749
Title: Return value handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1319
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16750
 
Oval ID: oval:org.mitre.oval:def:16750
Title: Vulnerability in Microsoft Visio Could Allow Information Disclosure - MS13-044
Description: Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1301
Version: 3
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Visio 2003
Microsoft Visio 2007
Microsoft Visio 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16765
 
Oval ID: oval:org.mitre.oval:def:16765
Title: Pointer handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1328
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Microsoft Publisher 2007
Microsoft Publisher 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16769
 
Oval ID: oval:org.mitre.oval:def:16769
Title: Win32k Buffer Overflow Vulnerability - MS13-046
Description: Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1333
Version: 3
Platform(s): Microsoft Windows 7
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16776
 
Oval ID: oval:org.mitre.oval:def:16776
Title: Buffer overflow vulnerability in Microsoft Publisher - MS13-042
Description: Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1320
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 5
Application 5
Application 3
Application 1
Application 1
Application 3
Application 3
Application 2
Application 1
Application 1
Os 4
Os 2
Os 1
Os 1
Os 6
Os 1
Os 3
Os 2

SAINT Exploits

Description Link
Internet Explorer textNode Style Computation Use After Free Vulnerability More info here
Internet Explorer VML Dashstyle Attributes Integer Overflow More info here
Internet Explorer CGenericElement Object Use-after-free Vulnerability More info here

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-05-16 IAVM : 2013-A-0107 - Multiple Microsoft Publisher Remote Code Execution Vulnerabilities
Severity : Category II - VMSKEY : V0037937
2013-05-16 IAVM : 2013-B-0051 - Microsoft Lync Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0037938
2013-05-16 IAVM : 2013-B-0053 - Microsoft Windows HTTP.sys Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0037939
2013-05-16 IAVM : 2013-B-0052 - Microsoft Visio Information Disclosure Vulnerability
Severity : Category II - VMSKEY : V0037941

Snort® IPS/IDS

Date Description
2017-03-01 Microsoft Windows Win32 Divide Error Exception Denial of Service attempt
RuleID : 41465 - Revision : 2 - Type : FILE-EXECUTABLE
2017-03-01 Microsoft Windows Win32 Divide Error Exception Denial of Service attempt
RuleID : 41464 - Revision : 2 - Type : FILE-EXECUTABLE
2017-03-01 Microsoft Windows Win32 Divide Error Exception Denial of Service attempt
RuleID : 41463 - Revision : 2 - Type : FILE-EXECUTABLE
2017-03-01 Microsoft Windows Win32 Divide Error Exception Denial of Service attempt
RuleID : 41462 - Revision : 2 - Type : FILE-EXECUTABLE
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38011 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38010 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38009 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38008 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38007 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38006 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38005 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38004 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38003 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38002 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 38001 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 38000 - Revision : 2 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 37999 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 37998 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 37997 - Revision : 2 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 37996 - Revision : 1 - Type : BROWSER-PLUGINS
2016-04-05 IE MsRdpClient ActiveX attempt
RuleID : 37995 - Revision : 1 - Type : BROWSER-PLUGINS
2015-04-30 Nuclear exploit kit obfuscated file download
RuleID : 33983 - Revision : 4 - Type : EXPLOIT-KIT
2015-04-30 Nuclear exploit kit landing page detected
RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT
2014-11-16 Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt
RuleID : 31585 - Revision : 3 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt
RuleID : 31584 - Revision : 3 - Type : BROWSER-IE
2014-03-15 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 29803 - Revision : 3 - Type : BROWSER-IE
2014-03-15 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 29802 - Revision : 3 - Type : BROWSER-IE
2014-03-06 Microsoft Internet Explorer VML array with negative length memory corruption ...
RuleID : 29602 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Nuclear exploit kit Microsoft Internet Explorer vulnerability request
RuleID : 28424 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Himan exploit kit landing page
RuleID : 28307 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit outbound traffic
RuleID : 27144-community - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit outbound traffic
RuleID : 27144 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit landing page
RuleID : 27143 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit landing page
RuleID : 27142 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit landing page
RuleID : 27141 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10 Private exploit kit numerically named exe file dowload
RuleID : 27140 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 27062 - Revision : 2 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 27061 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26754 - Revision : 2 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26753 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer null object access attempt
RuleID : 26668 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer ANIMATECOLOR SMIL access attempt
RuleID : 26666 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer runtimeStyle memory corruption attempt
RuleID : 26642 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer runtimeStyle memory corruption attempt
RuleID : 26641 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer XML digital signature transformation of digest value
RuleID : 26640 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer XML digital signature transformation of digest value
RuleID : 26639 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer VML array with negative length memory corruption ...
RuleID : 26638 - Revision : 6 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer DCOMTextNode object use after free attempt
RuleID : 26637 - Revision : 6 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer DCOMTextNode object use after free attempt
RuleID : 26636 - Revision : 6 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 26635 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 26634 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer html reload loop attempt
RuleID : 26633 - Revision : 7 - Type : BROWSER-IE
2014-01-10 Microsoft Windows 2012 Server additional empty Accept-Encoding field denial o...
RuleID : 26632 - Revision : 3 - Type : SERVER-WEBAPP
2014-01-10 Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26631 - Revision : 2 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26630 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer setInterval focus use after free attempt
RuleID : 26629 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Office Visio SVG external entity local file disclosure attempt
RuleID : 26628 - Revision : 4 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Visio SVG external entity local file disclosure attempt
RuleID : 26627 - Revision : 4 - Type : FILE-OFFICE
2014-01-10 XML parameter entity reference local file disclosure attempt
RuleID : 26626 - Revision : 6 - Type : FILE-OFFICE
2014-01-10 Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosur...
RuleID : 26625 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosur...
RuleID : 26624 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Windows Live Writer wlw protocol handler information disclosure att...
RuleID : 26623 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Windows Live Writer wlw protocol handler information disclosure att...
RuleID : 26622 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer null object access attempt
RuleID : 26572 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer null object access attempt
RuleID : 26571 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer null object access attempt
RuleID : 26570 - Revision : 5 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer null object access attempt
RuleID : 26569 - Revision : 4 - Type : BROWSER-IE
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26365 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26364 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26363 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26362 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26361 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26360 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26359 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26358 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26357 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26356 - Revision : 11 - Type : BROWSER-PLUGINS
2014-01-10 Microsoft Windows RDP ActiveX component mstscax use after free attempt
RuleID : 26355 - Revision : 11 - Type : BROWSER-PLUGINS

Nessus® Vulnerability Scanner

Date Description
2013-05-15 Name : The remote host is affected by multiple code execution vulnerabilities.
File : smb_nt_ms13-037.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote host is affected by a code execution vulnerability.
File : smb_nt_ms13-038.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Windows host is potentially affected by a vulnerability that could...
File : smb_nt_ms13-039.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The version of the .NET Framework installed on the remote host is affected by...
File : smb_nt_ms13-040.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote host is affected by a remote code execution vulnerability.
File : smb_nt_ms13-041.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : Microsoft Publisher, a component of Microsoft Office installed on the remote ...
File : smb_nt_ms13-042.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : A Microsoft Office component installed on the remote host is affected by a co...
File : smb_nt_ms13-043.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Visio install is affected by an information disclosure vulnerability.
File : smb_nt_ms13-044.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : An application on the remote Windows host has an information disclosure vulne...
File : smb_nt_ms13-045.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The Windows kernel on the remote host is affected by multiple vulnerabilities.
File : smb_nt_ms13-046.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2013-12-31 13:22:54
  • Multiple Updates
2013-05-23 00:19:06
  • First insertion