CVE-2013-7331

Description

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.

Related CPE's

amicrosoftinternet_explorer6*******

omicrosoftwindows_server_2003-sp2******

amicrosoftinternet_explorer7*******

omicrosoftwindows_server_2008-sp2******

omicrosoftwindows_vista-sp2******

omicrosoftwindows_server_2003-sp2******

amicrosoftinternet_explorer8*******

omicrosoftwindows_server_2008r2sp1****x64*

omicrosoftwindows_server_2008r2sp1****itanium*

omicrosoftwindows_server_2008-sp2******

References

https://soroush.secproject.com/blog/2013/04/microsoft-xmldom-in-ie-can-divulge-information-of-local-drivenetwork-in-error-messages/

Exploit

http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html

Third Party Advisory

VU#539289

Third Party AdvisoryUS Government Resource

1030818

Third Party AdvisoryVDB Entry

MS14-052

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:P/I:N/A:N

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

NONE

AvailabilityImpact

NONE

BaseScore

4.300000190734863

Created by Yello
About Severity.io