SecuritySpace - CVE-2013-3900

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-3900

Description: The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

Test IDs: 1.3.6.1.4.1.25623.1.0.903228

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-3900
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900
Microsoft Security Bulletin: MS13-098
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-098

CVE ID:	CVE-2013-3900
Description:	The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."
Test IDs:	1.3.6.1.4.1.25623.1.0.903228
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-3900 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900 Microsoft Security Bulletin: MS13-098 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-098