SynopsisThe Windows kernel on the remote host is affected by multiple vulnerabilities.
DescriptionThe Windows kernel on the remote host has the following vulnerabilities :
- A memory allocation vulnerability exists.
- A dereference vulnerability exists. (CVE-2013-1340)
- A privilege escalation vulnerability exists in the Windows kernel-mode driver. (CVE-2013-1345)
- A TrueType Font parsing vulnerability exists.
- An information disclosure vulnerability exists.
- A buffer overflow vulnerability exists. (CVE-2013-3173)
- A flaw exists in kernel-mode drivers in how linked lists pointers are handled in PATHREC objects. (CVE-2013-3660)
A remote attacker could exploit any of these vulnerabilities to elevate privileges.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, and 2012.