Published: 09/01/2013 Updated: 07/12/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote malicious users to obtain sensitive information via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a pointer to an unmanaged memory location, aka "System Drawing Information Disclosure Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft .net_framework 1.0
microsoft .net_framework 1.1
microsoft .net_framework 2.0
microsoft .net_framework 4.0
microsoft .net_framework 3.5
microsoft .net_framework 3.5.1
microsoft .net_framework 4.5

The victims web application.

Victims Web Service The victims web application Report an Issue If you find an issue with the service at victims or the code, either Create a new issue at githubcom/victims/victims-web/issues Email vicitms@librelistcom Contributing If you have a patch or a feature that you want considered to be added to the project, feel free to send us a pull request

CWE-200 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15814 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-004 https://nvd.nist.gov https://github.com/victims/victims-web

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-0001

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect