MS13-062 Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege
2013-08-13 This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted RPC request.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Remote Procedure Call Vulnerability
- An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE-2013-3175
Bulletin details at Microsoft.com
Related CVE Entries
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability."
Max CVSS
10.0
EPSS Score
90.54%
Published
2013-08-14
Updated
2023-12-07