CVE-2013-3878: Buffer Overflow
First published: Wed Dec 11 2013(Updated: )
Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Windows XP | =sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-3878?
CVE-2013-3878 is considered critical as it allows local users to gain elevated privileges through a buffer overflow vulnerability.
How do I fix CVE-2013-3878?
To fix CVE-2013-3878, apply the relevant security update provided by Microsoft.
Which systems are affected by CVE-2013-3878?
CVE-2013-3878 affects Microsoft Windows XP SP2 and SP3, as well as Windows Server 2003 SP2.
What is the nature of the vulnerability in CVE-2013-3878?
CVE-2013-3878 is a stack-based buffer overflow in the LRPC client that can be exploited by malicious LRPC servers.
Who can exploit CVE-2013-3878?
Local users can exploit CVE-2013-3878 by operating a crafted LRPC server that sends specially crafted LPC port messages.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- canonical/microsoft windows xp
- version/microsoft windows xp/sp3
- version/microsoft windows xp/sp2