CVE-2013-3878

medium

Published 2013-12-11 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.9

VIR risk

6.9

Description

Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka "LRPC Client Buffer Overrun Vulnerability."

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact

OS	Version	Status	Fixed in
windows		affected
windows	-	affected

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-102
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-102

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.