Published: 11/12/2013 Updated: 14/05/2019
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote malicious users to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008 r2

microsoft windows 7 -

microsoft windows server 2008 -

microsoft windows rt -

microsoft windows 8.1 -

microsoft windows server 2003 -

microsoft windows xp -

microsoft windows server 2012 -

microsoft windows server 2012 r2

microsoft windows rt 8.1 -

microsoft windows 8 -

microsoft windows vista -

microsoft windows xp