CVE-2013-0078

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Defender
Vendor: CVE Published:; 9 April 2013

Summary

The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/ncas/alerts/TA13-100A

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

Timeline

Vulnerability published
Apr 9, 2013
Vulnerability Reserved
Nov 27, 2012

Collectors

NVD DatabaseMitre Database