Back
CVE-2013-3660
HIGH
CISA KEV
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability."
Published: May 24, 2013
Modified: Apr 22, 2026
CWE-119
CWE-119
CVSS Metrics
CVSSv3
Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products (10)
| Vendor | Product | Version |
|---|---|---|
| microsoft | windows_7 | - |
| microsoft | windows_8 | - |
| microsoft | windows_rt | - |
| microsoft | windows_server_2003 | - |
| microsoft | windows_server_2008 | - |
| microsoft | windows_server_2008 | r2 |
| microsoft | windows_server_2012 | - |
| microsoft | windows_vista | - |
| microsoft | windows_xp | - |
| microsoft | windows_xp | - |
References (29)
- http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0090.html Broken Link
- http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0094.html Broken Link
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0006.html Broken Link
- http://secunia.com/advisories/53435 Broken Link, Vendor Advisory
- http://twitter.com/taviso/statuses/309157606247768064 Exploit
- http://twitter.com/taviso/statuses/335557286657400832 Not Applicable
- http://www.computerworld.com/s/article/9239477 Broken Link
- http://www.exploit-db.com/exploits/25611/ Exploit, Third Party Advisory, VDB Entry
- http://www.osvdb.org/93539 Broken Link
- http://www.reddit.com/r/netsec/comments/1eqh66/0day_windows_kernel_epathobj_vulnerability/ Exploit, Issue Tracking
- http://www.theverge.com/2013/5/23/4358400/google-engineer-bashes-microsoft-discloses-windows-flaw Press/Media Coverage
- http://www.us-cert.gov/ncas/alerts/TA13-190A Third Party Advisory, US Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-053 Patch, Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17360 Broken Link
- http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0090.html Broken Link
Risk Scores
CVSS Score
7.8 / 10
EPSS Score
39.58%
Top 2% most likely to be exploited
Threat Score
73.1 / 100
CISA Known Exploited
Date Added:
2022-03-28
Due Date:
2022-04-18
Required Action:
Apply updates per vendor instructions.
Data Sources
NVD
CISA KEV
EPSS