MS13-064 Vulnerability in Windows NAT Driver Could Allow Denial of Service
2013-08-13 This security update resolves a privately reported vulnerability in the Windows NAT Driver in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a specially crafted ICMP packet to a target server that is running the Windows NAT Driver service.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Windows NAT Denial of Service Vulnerability
- A denial of service vulnerability exists in the Windows NAT Driver that could cause the target system to stop responding until restarted. The vulnerability is caused when the Windows NAT Driver service in Windows Server 2012 does not properly handle specially crafted ICMP packets leading to memory corruption.
CVE-2013-3182
Bulletin details at Microsoft.com
Related CVE Entries
The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability."
Max CVSS
7.8
EPSS Score
45.99%
Published
2013-08-14
Updated
2018-10-12