exploitDog

CVE-2013-3898

Опубликовано: 13 нояб. 2013

Источник: nvd

CVSS2: 7.9

EPSS Низкий

Описание

Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, does not ensure memory-address validity, which allows guest OS users to execute arbitrary code in all guest OS instances, and allows guest OS users to cause a denial of service (host OS crash), via a guest-to-host hypercall with a crafted function parameter, aka "Address Corruption Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*

EPSS

Процентиль: 48%

0.00252

Низкий

7.9 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-xq3p-jw3h-qr29

github

больше 3 лет назад

Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, does not ensure memory-address validity, which allows guest OS users to execute arbitrary code in all guest OS instances, and allows guest OS users to cause a denial of service (host OS crash), via a guest-to-host hypercall with a crafted function parameter, aka "Address Corruption Vulnerability."

EPSS

Процентиль: 48%

0.00252

Низкий

7.9 High

CVSS2

Дефекты

CWE-264