CVE-2013-3182
high
CVSS v3
—
CVSS v2
7.8
VIR risk
7.8
Description
The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability."
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| windows | - | affected | |
References
- http://www.us-cert.gov/ncas/alerts/TA13-225A
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-064
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18199
- http://www.us-cert.gov/ncas/alerts/TA13-225A
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-064
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18199
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.