| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS13-048 | Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229) | Windows XP | Important | 12-06-2013 |
Technical Information
Brief overview of the risk:
The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Detailed Information on the risk:
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could disclose information from kernel addresses.
Further information on this exploit is available at : MS13-048
Affected Software
Windows XP Service Pack 3Windows Server 2003 Service Pack 2
Windows Vista Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows Server 2008 for 32-bit Systems Service Pack 2