MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2820917)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has a privilege escalation vulnerability.

Description :

The Windows Client/Server Run-time Subsystem (CSRSS) on the remote host
has a privilege escalation vulnerability due to an improper handling of
objects in memory. An attacker who successfully exploits this
vulnerability can execute arbitrary code in the context of the local
system. The attacker could then install or modify applications as well
as create new accounts with full user rights.

See also :

Solution :

Microsoft has released a set of patches for Windows XP, 2003, Vista,
and 2008.

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.3
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 65880 ()

Bugtraq ID: 58886

CVE ID: CVE-2013-1295

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial