Vulnerabilities > CVE-2013-1339 - Resource Management Errors vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 11 |
Common Weakness Enumeration (CWE)
Msbulletin
| bulletin_id | MS13-050 |
| bulletin_url | |
| date | 2013-06-11T00:00:00 |
| impact | Elevation of Privilege |
| knowledgebase_id | 2839894 |
| knowledgebase_url | |
| severity | Important |
| title | Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS13-050.NASL |
| description | The remote Windows host is potentially affected by a vulnerability that could allow elevation of privilege when an authenticated attacker deletes a printer connection. An attacker who is able to successfully exploit the vulnerability could run arbitrary code on a user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 66866 |
| published | 2013-06-11 |
| reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/66866 |
| title | MS13-050: Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894) |
Oval
| accepted | 2013-07-22T04:01:30.753-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||
| description | The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:16837 | ||||||||||||||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||||||||||||||
| submitted | 2013-06-13T12:49:02 | ||||||||||||||||||||||||||||||||||||||||||||
| title | Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege - MS13-050 | ||||||||||||||||||||||||||||||||||||||||||||
| version | 73 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 60407 CVE(CAN) ID: CVE-2013-1339 Microsoft Windows是微软公司推出的一系列操作系统。 打印机被删除时 Microsoft Windows 打印后台处理程序处理内存的方式中存在一个特权提升漏洞。当经过身份验证的攻击者删除打印机连接时,该漏洞可能允许特权提升。攻击者必须拥有有效的登录凭据并能登录才能利用此漏洞。 0 Microsoft Windows Windows Vista 0 Microsoft Windows Windows Server 2012 Microsoft Windows Server 2008 Microsoft Windows RT Microsoft Windows 8 Microsoft Windows 7 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS13-050)以及相应补丁: MS13-050:Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894) 链接:http://technet.microsoft.com/security/bulletin/MS13-050 |
| id | SSV:60845 |
| last seen | 2017-11-19 |
| modified | 2013-06-17 |
| published | 2013-06-17 |
| reporter | Root |
| title | Microsoft Windows Print Spooler Service本地权限提升漏洞(CVE-2013-1339) |