Use-After-Free Vulnerability in Microsoft Windows Operating Systems
CVE-2013-3879

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Rt; Windows Xp; Windows 8
Vendor: CVE Published:; 9 October 2013

Summary

The vulnerability pertains to a use-after-free scenario in the win32k.sys kernel-mode driver within several Microsoft Windows versions. This flaw may allow a local user to execute a crafted application to gain elevated privileges, potentially compromising the system's integrity. Compatibility extends across various platforms, highlighting the need for prompt security updates to mitigate risk and protect user environments.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/ncas/alerts/TA13-288A

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Oct 9, 2013
Vulnerability Reserved
Jun 3, 2013