CVE-2013-6791
Microsoft Enhanced Mitigation Experience Toolkit < 4.0 - ASLR Bypass via Predictable Hooked Function Addresses
Title source: llmDescription
Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://en.nsfocus.com/advisories/1301.html
Patch x_refsource_confirm
http://blogs.technet.com/b/srd/archive/2013/06/17/emet-4-0-now-available-for-download.aspx
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029411
Scores
EPSS
0.0460
EPSS Percentile
90.5%
Details
CWE
CWE-200
Status
published
Products (1)
microsoft/enhanced_mitigation_experience_toolkit
< 3.0
Published
Nov 29, 2013
Tracked Since
Feb 18, 2026