CVE-2013-6999
Title: Microsoft Windows Server 2008 Memory Corruption
Proof Of Concept
No public PoC currently indexed for CVE-2013-6999.
Vulnerability Summary
CVE-2013-6999: The IsHandleEntrySecure function in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 SP2 does not properly validate the tagPROCESSINFO pW32Job field, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted NtUserValidateHandleSecure call for an owned object. NOTE: the vendor reportedly disputes the significance of this report, stating that "it appears to be a local DOS ... we don't consider it a security vulnerability.
AV:L/AC:H/Au:N/C:N/I:N/A:C
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
CVE-2013-6999 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data or affected products updated.
Vulnerability first announced in NVD.
Attack Vector Matrix
AV:L/AC:H/Au:N/C:N/I:N/A:C
Affected Stack
No specific products linked.