Integer Overflow Vulnerability in Microsoft Windows Products
CVE-2013-3195

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Server 2008
Windows Rt
Windows Xp
Windows 8
Vendor
CVE Published:
9 October 2013

What is CVE-2013-3195?

The Comctl32.dll library is susceptible to an integer overflow vulnerability that occurs due to improper memory allocation in its DSA_InsertItem function. This weakness allows remote attackers to exploit a crafted argument sent to an ASP.NET web application, potentially leading to arbitrary code execution. The flaw affects multiple versions of Microsoft Windows, including Windows XP, Windows Vista, Windows 7, and several server editions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.us-cert.gov/ncas/alerts/TA13-288A
third-party-advisoryx_refsource_CERT

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.