CVE-2013-6791

Microsoft Enhanced Mitigation Experience Toolkit < 4.0 - ASLR Bypass via Predictable Hooked Function Addresses

Title source: llm
STIX 2.1

Description

Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack.

References (3)

Core 3
Core References
Various Sources x_refsource_misc
http://en.nsfocus.com/advisories/1301.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029411

Scores

EPSS 0.0460
EPSS Percentile 90.5%

Details

CWE
CWE-200
Status published
Products (1)
microsoft/enhanced_mitigation_experience_toolkit < 3.0
Published Nov 29, 2013
Tracked Since Feb 18, 2026