Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-3940

EPSS 71.78% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-3940

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows 图形设备接口整数溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Windows Graphics Device Interface(GDI,图形设备接口)是一个应用程序接口,它的主要任务是负责系统与绘图程序之间的信息交换,以及处理所有Windows程序的图形输出。 Windows图形设备接口(GDI)在写字板中处理特制Windows Write文件的方式中存在一个远程执行代码漏洞。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2013-3940

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2013-3940

登录查看更多情报信息。

Same Patch Batch · n/a · 2013-11-13 · 49 CVEs total

CVE-2013-3869Microsoft Windows 数字签名漏洞
CVE-2013-3905Microsoft Outlook S/MIME AIA 漏洞
CVE-2013-3909Microsoft Internet Explorer 信息泄露漏洞
CVE-2013-3914Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3915Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3916Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3917Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-6789SilverStripe 信息泄露漏洞
CVE-2013-3912Microsoft Internet Explorer 内存损坏漏洞
CVE-2013-3887Microsoft Windows 辅助功能驱动程序信息泄露漏洞
CVE-2013-3898Microsoft Windows 地址损坏漏洞
CVE-2013-2653SilverStripe ‘MemberLoginForm.php’信息泄露漏洞
CVE-2013-1325Microsoft Office Word堆覆盖漏洞
CVE-2013-1324Microsoft Office Word堆栈缓冲区覆盖漏洞
CVE-2013-0082Microsoft Office WPD文件格式内存损坏漏洞
CVE-2013-5330Adobe Flash Player和Adobe AIR 缓冲区溢出漏洞
CVE-2013-5329Adobe Flash Player和Adobe AIR 缓冲区溢出漏洞
CVE-2013-5328Adobe ColdFusion 权限许可和访问控制问题漏洞
CVE-2013-5326Adobe ColdFusion 跨站脚本漏洞
CVE-2013-6780Yahoo! YUI ‘uploader.swf’跨站脚本漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2013-3940

No comments yet

Leave a comment