CVE-2013-0008

Microsoft Windows Vista - Access Control

Title source: rule

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/27296

View Code ZIP pw:eip

exploitdb WORKING POC

by 0vercl0k · textdoswindows

https://www.exploit-db.com/exploits/24485

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Tavis Ormandy, Axel Souchet, Ben Campbell · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb

View Code ZIP pw:eip

References (5)

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA13-008A.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16326

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/24485

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-005

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/57135

Scores

EPSS 0.1756

EPSS Percentile 95.1%

Details

CWE

CWE-264

Status published

Products (7)

microsoft/windows_7 (4 CPE variants)

microsoft/windows_8 (2 CPE variants)

microsoft/windows_rt

microsoft/windows_server_2008 (3 CPE variants)

microsoft/windows_server_2008 r2 (2 CPE variants)

microsoft/windows_server_2012

microsoft/windows_vista

Published Jan 09, 2013

Tracked Since Feb 18, 2026