CVE-2013-3903
Published Dec 11, 2013
Last updated 6 years ago
Overview
- Description
- Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service (reboot) via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.7
- Impact score
- 6.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABC7A32C-4A4A-4533-B42E-350E728ADFEB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32BCD530-F6E2-4F9B-AD4C-7DF2BED00296"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1318333-EF3A-4DBA-8DD7-367BF843F70D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74B5E7C1-6C1D-4605-91CF-AF105EFA678D"
}
],
"operator": "OR"
}
]
}
]