CVE-2013-0096

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-0096
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.us-cert.gov/ncas/alerts/TA13-134A Third Party Advisory US Government Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16204
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-045
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:windows_essentials:2011:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_essentials:2012:*:*:*:*:*:*:*
Information

Published : 2013-05-14 20:36

Updated : 2018-10-12 15:03

NVD link : CVE-2013-0096

Mitre link : CVE-2013-0096

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

microsoft

  • windows_essentials