VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 10, 2013· Updated Apr 29, 2026

CVE-2013-3173

CVE-2013-3173

Description

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability."

Affected products

13
  • Microsoft/Windows 72 versions
    cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
  • Microsoft/Windows 82 versions
    cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*
  • Microsoft/Windows Rt
    cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
  • Microsoft/Windows Server 2003
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Server 20083 versions
    cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*
  • Microsoft/Windows Server 2012
    cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • Microsoft/Windows Vista
    cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • Microsoft/Windows Xp2 versions
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.