Microsoft Windows Common Control Library Remote Code Execution Vulnerability
Last Update Date:
9 Oct 2013 18:58
Release Date:
9 Oct 2013
3905
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS
Comctl32 Integer Overflow Vulnerability
A remote code execution vulnerability exists in the way that the Windows common control library handles allocating memory for data structures. The vulnerability could allow remote code execution if an attacker sends a specially crafted web request to an ASP.NET web application running on an affected system.
Impact
- Remote Code Execution
System / Technologies affected
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
- Windows 8
- Windows Server 2012
- Windows RT
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/MS13-083
Vulnerability Identifier
Source
Related Link
Share with