Vulnerability Details : CVE-2013-0096
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."
Exploit prediction scoring system (EPSS) score for CVE-2013-0096
Probability of exploitation activity in the next 30 days: 29.51%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-0096
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2013-0096
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-0096
-
http://www.us-cert.gov/ncas/alerts/TA13-134A
Microsoft Updates for Multiple Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-045
Microsoft Security Bulletin MS13-045 - Important | Microsoft Docs
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16204
Repository / Oval Repository
Products affected by CVE-2013-0096
- cpe:2.3:a:microsoft:windows_essentials:2011:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:windows_essentials:2012:*:*:*:*:*:*:*