MS13-001: Vulnerabilities in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is potentially affected by a code execution
vulnerability.

Description :

The remote Windows host is potentially affected by a vulnerability that
could allow remote code execution if a print server received a specially
crafted print job. Firewall best practices and standard default
firewall configurations can help protect networks from attacks that
originate outside the enterprise perimeter. Best practices recommend
that systems connected directly to the Internet have a minimal number of
ports exposed.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms13-001

Solution :

Microsoft has released a set of patches for Windows 7, and 2008 R2.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 63419 ()

Bugtraq ID: 57142

CVE ID: CVE-2013-0011