Microsoft EMET 3.x >= 3.5 / 4.x < 4.0.4913.26122 ASLR Security Bypass

Medium Nessus Plugin ID 71176


A tool for mitigating security vulnerabilities is potentially affected by a security bypass vulnerability.


Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is installed on the remote system and is 3.x newer than or equal to 3.5 or 4.x prior to 4.0.4913.26122. It is, therefore, potentially affected by a security bypass vulnerability.

The application stores function addresses in a predictable way that could aid an attacker in bypassing Address Space Layout Randomization (ASLR) protections.


Upgrade to EMET 4.0.4913.26122 or later. A possible temporary mitigation step is to disable EMET.

See Also

Plugin Details

Severity: Medium

ID: 71176

File Name: microsoft_emet_4_0_4913_26122.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2013/12/03

Modified: 2017/07/24

Dependencies: 49675

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:enhanced_mitigation_experience_toolkit

Required KB Items: SMB/Microsoft/EMET/Path

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/06/17

Vulnerability Publication Date: 2013/06/17

Reference Information

CVE: CVE-2013-6791

BID: 64022

OSVDB: 100398