Microsoft Windows OLE Remote Code Execution Vulnerability (2876217) Network Vulnerability

Summary

This host is missing an critical security update according to Microsoft Bulletin MS13-070.

Impact

Successful exploitation will allow attackers to execute arbitrary code and take complete control of an affected system. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/bulletin/ms13-070

Insight

Flaw is caused when Microsoft Windows incorrectly handles OLE objects in memory.

Affected

Microsoft Windows XP Service Pack 3 and prior Microsoft Windows XP x64 Edition Service Pack 2 and prior Microsoft Windows 2003 x32/x64 Service Pack 2 and prior

Detection

Get the vulnerable file version and check appropriate patch is applied or not.

References

http://secunia.com/advisories/54735
http://support.microsoft.com/kb/2876217
https://technet.microsoft.com/en-us/security/bulletin/ms13-070

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-3863

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
.NET JIT Compiler Vulnerability
Cumulative Security Update for Internet Explorer (961260)

Take action and discover your vulnerabilities