CVE-2013-3862
Description
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka Service Control Manager Double Free Vulnerability.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.461
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| ms13-077: vulnerability in windows service control manager could allow elevation of privilege: september 10, 2013 for Windows 7 (KB2872339) | Windows |
| ms13-077: vulnerability in windows service control manager could allow elevation of privilege: september 10, 2013 for Windows 7 for x64-based Systems (KB2872339) | Windows |
| ms13-077: vulnerability in windows service control manager could allow elevation of privilege: september 10, 2013 for Windows Server 2008 R2 x64 Edition (KB2872339) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-14272 | Security Update for Windows 7 (KB2872339) |
| PATCH-14273 | Security Update for Windows 7 for x64-based Systems (KB2872339) |
| PATCH-14274 | Security Update for Windows Server 2008 R2 x64 Edition (KB2872339) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234