Microsoft EMET 3.x >= 3.5 / 4.x < 4.0.4913.26122 ASLR Security Bypass

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

A tool for mitigating security vulnerabilities is potentially affected
by a security bypass vulnerability.

Description :

Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is installed
on the remote system and is 3.x newer than or equal to 3.5 or 4.x prior
to 4.0.4913.26122. It is, therefore, potentially affected by a security
bypass vulnerability.

The application stores function addresses in a predictable way that
could aid an attacker in bypassing Address Space Layout Randomization
(ASLR) protections.

See also :

http://www.nessus.org/u?33f7e614

Solution :

Upgrade to EMET 4.0.4913.26122 or later. A possible temporary
mitigation step is to disable EMET.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 71176 ()

Bugtraq ID: 64022

CVE ID: CVE-2013-6791

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now