Oval Definition:oval:org.mitre.oval:def:16260
Revision Date:2013-05-27Version:44
Title:CSRSS Memory Corruption Vulnerability - MS13-033
Description:The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "CSRSS Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-1295
Platform(s):Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):
Definition Synopsis
  • Win XP X86 and vulnerable file version
  • Microsoft Windows XP (x86) SP3 is installed
  • AND Check if the version of winsrv.dll is less than 5.1.2600.6368
  • OR XP X64 / 2K3 and vulnerable file version
  • XP X64 / 2K3
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND Check if the version of winsrv.dll is less than 5.2.3790.5138
  • OR Vista / 2K8 and vulnerable file version
  • Vista / 2K8
  • Microsoft Windows Vista (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
  • OR Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
  • AND Check for vulnerable version
  • Check if the version of winsrv.dll is less than 6.0.6002.18804
  • OR Check for LDR
  • the version of Winsrv.dll is greater than or equal to 6.0.6002.22000
  • AND Check if the version of winsrv.dll is less than 6.0.6002.23075
    • BACK