CVE-2013-0109

Nvidia Display Driver < 307.00 - Memory Corruption

Title source: rule

Description

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows_x86-64

https://www.exploit-db.com/exploits/30393

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Peter Wintersmith, Ben Campbell · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/nvidia_nvsvc.rb

View Code ZIP pw:eip

References (2)

[US Government Resource] http://www.kb.cert.org/vuls/id/957036

[Patch, Vendor Advisory] http://www.nvidia.com/object/product-security.html

Scores

EPSS 0.0733

EPSS Percentile 91.7%

Details

CWE

CWE-119

Status published

Products (2)

nvidia/display_driver 310.00

nvidia/display_driver < 307.00

Published Apr 08, 2013

Tracked Since Feb 18, 2026