What is the severity of CVE-2013-3661?

CVE-2013-3661 is considered as a critical vulnerability that could allow an attacker to execute arbitrary code on affected systems.

How do I fix CVE-2013-3661?

To fix CVE-2013-3661, ensure that your system is updated with the latest security patches provided by Microsoft.

Which versions of Windows are affected by CVE-2013-3661?

CVE-2013-3661 affects multiple versions of Windows including XP, Vista, 7, 8, Server 2003, Server 2008, and Server 2012.

What type of vulnerability is CVE-2013-3661?

CVE-2013-3661 is a memory corruption vulnerability that arises from improper handling of linked-list traversal.

Can CVE-2013-3661 be exploited remotely?

Yes, CVE-2013-3661 can potentially be exploited remotely by an attacker through a specially crafted application or document.

Vulnerability/
CVE-2013-3661

medium

4.9

CWE

24/5/2013

6/8/2024

CVE-2013-3661: Path Traversal

First published: Fri May 24 2013(Updated: )

The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is continually accessing the same list member, which allows local users to cause a denial of service (infinite traversal) via vectors that trigger a crafted PATHRECORD chain.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows 7	=sp1
Microsoft Windows 7	=sp1
Microsoft Windows 8.0
Microsoft Windows 8.0
Microsoft Windows RT
Microsoft Windows Server 2003	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=r2-sp1
Microsoft Windows Server 2012 x64
Microsoft Windows Vista	=sp2
Microsoft Windows XP	=sp3
Microsoft Windows XP	=sp2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3661?
CVE-2013-3661 is considered as a critical vulnerability that could allow an attacker to execute arbitrary code on affected systems.
How do I fix CVE-2013-3661?
To fix CVE-2013-3661, ensure that your system is updated with the latest security patches provided by Microsoft.
Which versions of Windows are affected by CVE-2013-3661?
CVE-2013-3661 affects multiple versions of Windows including XP, Vista, 7, 8, Server 2003, Server 2008, and Server 2012.
What type of vulnerability is CVE-2013-3661?
CVE-2013-3661 is a memory corruption vulnerability that arises from improper handling of linked-list traversal.
Can CVE-2013-3661 be exploited remotely?
Yes, CVE-2013-3661 can potentially be exploited remotely by an attacker through a specially crafted application or document.

agent/type
agent/weakness
agent/author
agent/references
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/microsoft
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows 8.0
canonical/microsoft windows rt
canonical/microsoft windows server 2003
version/microsoft windows server 2003/sp2
canonical/microsoft windows server 2008 itanium
version/microsoft windows server 2008 itanium/sp2
version/microsoft windows server 2008 itanium/r2-sp1
canonical/microsoft windows server 2012 x64
canonical/microsoft windows vista
version/microsoft windows vista/sp2
canonical/microsoft windows xp
version/microsoft windows xp/sp3
version/microsoft windows xp/sp2

Frequently Asked Questions

What is the severity of CVE-2013-3661?
CVE-2013-3661 is considered as a critical vulnerability that could allow an attacker to execute arbitrary code on affected systems.
How do I fix CVE-2013-3661?
To fix CVE-2013-3661, ensure that your system is updated with the latest security patches provided by Microsoft.
Which versions of Windows are affected by CVE-2013-3661?
CVE-2013-3661 affects multiple versions of Windows including XP, Vista, 7, 8, Server 2003, Server 2008, and Server 2012.
What type of vulnerability is CVE-2013-3661?
CVE-2013-3661 is a memory corruption vulnerability that arises from improper handling of linked-list traversal.
Can CVE-2013-3661 be exploited remotely?
Yes, CVE-2013-3661 can potentially be exploited remotely by an attacker through a specially crafted application or document.

CVE-2013-3661: Path Traversal

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3661?

How do I fix CVE-2013-3661?

Which versions of Windows are affected by CVE-2013-3661?

What type of vulnerability is CVE-2013-3661?

Can CVE-2013-3661 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-3661?

How do I fix CVE-2013-3661?

Which versions of Windows are affected by CVE-2013-3661?

What type of vulnerability is CVE-2013-3661?

Can CVE-2013-3661 be exploited remotely?