CVE-2013-3154

EPSS 3.75% · P88 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-3154

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows Defender 不正确的路径名称漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。 Microsoft Windows 7和Windows Server 2008 R2中的Windows Defender中的signature-update功能中存在特权提升漏洞。成功利用此漏洞的攻击者可以在LocalSystem帐户的安全上下文中执行任意代码并完全控制系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。攻击者必须拥有有效的登录凭据才能利用此漏洞。匿名用户无法利用此

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-3154

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-3154

请登录查看更多情报信息。

http://blogs.technet.com/b/srd/archive/2013/07/09/assessing-risk-for-the-july-2013-security-updates.aspxx_refsource_CONFIRM
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-058vendor-advisoryx_refsource_MS
Microsoft Updates for Multiple Vulnerabilities | CISAthird-party-advisoryx_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17253vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2013-3154

Same Patch Batch · n/a · 2013-07-10 · 71 CVEs total

CVE-2013-3132		Microsoft .NET Framework 委派反射绕过漏洞
CVE-2013-3171		Microsoft .NET Framework 委派序列化漏洞
CVE-2013-3166		Microsoft Internet Explorer Shift JIS 字符编码漏洞
CVE-2013-3147		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3146		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3145		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3144		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3143		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3134		Microsoft .NET Framework 数组分配漏洞
CVE-2013-3133		Microsoft .NET Framework 匿名方法注入漏洞
CVE-2013-3148		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3131		Microsoft .NET Framework 数组访问冲突漏洞
CVE-2013-3129		Microsoft 多款产品代码注入漏洞
CVE-2013-3127		Microsoft WMV 视频解码器远程执行代码漏洞
CVE-2013-3115		Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-1345		Microsoft Windows Win32k 安全漏洞
CVE-2013-1340		Microsoft Windows Win32k 解除引用漏洞
CVE-2013-1300		Microsoft Windows Win32k 内存分配漏洞
CVE-2013-3350		Adobe ColdFusion 安全绕过漏洞
CVE-2013-3349		Adobe ColdFusion 拒绝服务漏洞

Showing top 20 of 71 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2013-3154

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2013-3154

I. Basic Information for CVE-2013-3154

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-3154

III. Intelligence Information for CVE-2013-3154

Same Patch Batch · n/a · 2013-07-10 · 71 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2013-3154

Leave a comment