Vulnerability Details : CVE-2013-3182
The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability."
Vulnerability category: OverflowMemory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2013-3182
Probability of exploitation activity in the next 30 days: 45.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-3182
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2013-3182
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-3182
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18199
Repository / Oval Repository
-
http://www.us-cert.gov/ncas/alerts/TA13-225A
Microsoft Updates for Multiple Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-064
Microsoft Security Bulletin MS13-064 - Important | Microsoft Docs
Products affected by CVE-2013-3182
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*