CVE-2013-5058

medium

Published 2013-12-11 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.9

VIR risk

6.9

Description

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka "Win32k Integer Overflow Vulnerability."

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@microsoft.com — https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-101

OS impact

OS	Version	Status	Fixed in
windows	-	affected
windows	r2	affected

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-101
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-101

CWEs

CWE-190

Verify integrity in audit chain (admin only). AS-IS.