Summary
This host is missing a security update according to Microsoft Security Advisory (2755801).
Impact
Successful exploitation will allow attackers to execute arbitrary code, corrupt memory or cause a denial of service condition.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/advisory/2755801
Insight
Unspecified flaw due to improper sanitization of user-supplied input.
Affected
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References
Severity
Classification
-
CVE CVE-2013-3343 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Active Directory Could Allow Remote Code Execution Vulnerability (957280)
- Microsoft DirectShow Remote Code Execution Vulnerability (977935)
- Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
- Microsoft IIS Security Bypass Vulnerability (970483)
- Buffer Overrun in the ListBox and in the ComboBox (824141)