ID CVE-2013-3195
Summary The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability."
References
Vulnerable Configurations
  • Microsoft Windows 7 64-bit Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_7:-:sp1:x64
  • Microsoft Windows 7 x86 Service Pack 1
    cpe:2.3:o:microsoft:windows_7:-:sp1:x86
  • Windows 8 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_8:-:-:x64
  • Windows 8 x86 (32-bit)
    cpe:2.3:o:microsoft:windows_8:-:-:x86
  • Microsoft Windows RT
    cpe:2.3:o:microsoft:windows_rt
  • Microsoft Windows Server 2003 Service Pack 2
    cpe:2.3:o:microsoft:windows_server_2003:-:sp2
  • Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium
  • Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64
  • Windows Server 2008 Service Pack 2 x86
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86
  • Microsoft Windows Server 2008 r2 Service Pack 1 Itanium
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:itanium
  • Microsoft Windows Server 2008 R2 Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:x64
  • Microsoft Windows Server 2012
    cpe:2.3:o:microsoft:windows_server_2012
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
  • Microsoft Windows Vista Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp2:x64
  • Microsoft Windows XP Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64
CVSS
Base: 10.0 (as of 09-10-2013 - 13:25)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
msbulletin via4
bulletin_id MS13-083
bulletin_url
date 2013-10-08T00:00:00
impact Remote Code Execution
knowledgebase_id 2864058
knowledgebase_url
severity Critical
title Vulnerability in Windows Common Control Library Could Allow Remote Code Execution
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS13-083.NASL
description The remote host has an integer overflow vulnerability in the Windows Common Control Library. The vulnerability could allow remote code execution if an attacker sends a specially crafted web request to an ASP.NET web application running on an affected system. An attacker could exploit this vulnerability without authentication to run arbitrary code.
last seen 2019-02-21
modified 2018-11-15
plugin id 70335
published 2013-10-09
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=70335
title MS13-083: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)
oval via4
accepted 2013-11-25T04:00:26.222-05:00
class vulnerability
contributors
name SecPod Team
organization SecPod Technologies
definition_extensions
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
  • comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6124
  • comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:5594
  • comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
    oval oval:org.mitre.oval:def:5653
  • comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6216
  • comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
    oval oval:org.mitre.oval:def:6150
  • comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12292
  • comment Microsoft Windows 7 x64 Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12627
  • comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12567
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
    oval oval:org.mitre.oval:def:12583
  • comment Microsoft Windows 8 (x86) is installed
    oval oval:org.mitre.oval:def:14914
  • comment Microsoft Windows 8 (x64) is installed
    oval oval:org.mitre.oval:def:15571
  • comment Microsoft Windows Server 2012 (64-bit) is installed
    oval oval:org.mitre.oval:def:15585
description The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability."
family windows
id oval:org.mitre.oval:def:18715
status accepted
submitted 2013-10-15T10:20:10
title Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (CVE-2013-3195) - MS13-083
version 70
refmap via4
cert TA13-288A
confirm http://blogs.technet.com/b/srd/archive/2013/10/08/assessing-risk-for-the-october-2013-security-updates.aspx
ms MS13-083
Last major update 19-12-2013 - 23:35
Published 09-10-2013 - 10:53
Last modified 26-02-2019 - 09:04
Back to Top