CVE-2013-0002

Description

Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability."

Related CPE's

amicrosoft.net_framework1.0sp3******

omicrosoftwindows_xp-sp3media_center*****

omicrosoftwindows_xp-sp3tablet_pc*****

amicrosoft.net_framework1.1sp1******

omicrosoftwindows_server_2008*sp2x86*****

omicrosoftwindows_vista*sp2x64*****

omicrosoftwindows_server_2008-sp2itanium*****

omicrosoftwindows_xp-sp2x64*****

omicrosoftwindows_xp*sp3******

omicrosoftwindows_server_2008*sp2x64*****

References

TA13-008A

US Government Resource

oval:org.mitre.oval:def:16343

MS13-004

[santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

9.300000190734863

Created by Yello
About Severity.io