CVE-2013-0008

Microsoft Windows Vista - Access Control

Title source: rule

Description

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."

Exploits (3)

metasploit WORKING POC EXCELLENT

by Tavis Ormandy, Axel Souchet, Ben Campbell · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb

View Code ZIP pw:eip

exploitdb WORKING POC

by 0vercl0k · textdoswindows

https://www.exploit-db.com/exploits/24485

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/27296

View Code ZIP pw:eip

References (5)

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA13-008A.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16326

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/57135

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/24485

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-005

Scores

EPSS 0.1756

EPSS Percentile 95.0%

Classification

CWE

CWE-264

Status draft

Affected Products (14)

microsoft/windows_vista

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_7

microsoft/windows_7

microsoft/windows_7

microsoft/windows_7

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_8

microsoft/windows_8

microsoft/windows_server_2012

microsoft/windows_rt

Timeline

Published Jan 09, 2013

Tracked Since Feb 18, 2026