Vulnerabilities > CVE-2013-3138 - Numeric Errors vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (system hang) via crafted TCP packets, aka "TCP/IP Integer Overflow Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 10 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS13-049 |
bulletin_url | |
date | 2013-06-11T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 2845690 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Kernel-Mode Driver Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS13-049.NASL |
description | The remote Windows host is affected by a denial of service vulnerability due to the Windows TCP/IP stack improperly handling packets during TCP connections. An attacker could use a specially crafted packet to exploit this vulnerability and cause a target system to stop responding and restart. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 66865 |
published | 2013-06-11 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/66865 |
title | MS13-049: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690) |
code |
|
Oval
accepted | 2013-07-22T04:01:56.969-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||
description | Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (system hang) via crafted TCP packets, aka "TCP/IP Integer Overflow Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:16943 | ||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||
submitted | 2013-06-13T20:21:09 | ||||||||||||||||||||||||||||||||||||||||||||
title | Vulnerability in Kernel-Mode Driver Could Allow Denial of Service - MS13-049 | ||||||||||||||||||||||||||||||||||||||||||||
version | 43 |