Oval Definition:oval:org.mitre.oval:def:16343
Revision Date:2014-08-18Version:30
Title:WinForms Buffer Overflow Vulnerability - MS13-004
Description:Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-0002
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Definition Synopsis
  • Check for xp/server 2003/versions
  • xp/server 2003 32/64/ia64
  • Microsoft Windows XP (32-bit) is installed
  • OR Microsoft Windows XP x64 is installed
  • OR Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) Gold is installed
  • AND .net versions
  • 1.1 sp1
  • Check if the version of System.drawing.dll is less than 1.1.4322.2502
  • AND Microsoft .NET Framework 1.1 Service Pack 1 is Installed
  • OR 2.0 sp2
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 2.0.50727.3644
  • AND Microsoft .NET Framework 2.0 Service Pack 2 is installed
  • OR 4.0
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.1001
  • AND Microsoft .NET Framework 4.0 is installed
  • OR vista sp2/win 2008 and versions
  • vista 32/64/win 2008
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND .net versions
  • 1.1 sp1
  • Check if the version of System.drawing.dll is less than 1.1.4322.2502
  • AND Microsoft .NET Framework 1.1 Service Pack 1 is Installed
  • OR 2.0 sp2
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 2.0.50727.4235
  • AND Microsoft .NET Framework 2.0 Service Pack 2 is installed
  • OR Check for .Net 3.0
  • GDR/LDR
  • Check if the version of System.ServiceModel.dll is less than 3.0.4506.4214
  • AND Microsoft .NET Framework 3.0 SP2 is installed
  • OR 4.0
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.1001
  • AND Microsoft .NET Framework 4.0 is installed
  • OR 4.5
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.18021
  • AND Microsoft .NET Framework 4.5 is installed
  • OR 2008 r2/win 7/versions
  • 2008 r2/win 7 32/64
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 is installed
  • AND .net versions
  • 3.5.1
  • either file/versions
  • Check if the version of System.drawing.dll is less than 2.0.50727.4985
  • OR Check if the version of System.ServiceModel.dll is less than 3.0.4506.5007
  • AND Microsoft .NET Framework 3.5 SP1 is installed
  • OR 4.0
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.1001
  • AND Microsoft .NET Framework 4.0 is installed
  • OR win 7/server 2008 R2/versions
  • win 7/server 2008 R2
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND either file/versions
  • 3.5.1
  • GDR/LDR - KB2756920
  • Check if the version of System.drawing.dll is less than 2.0.50727.5467
  • AND GDR/LDR - KB2756921
  • Check if the version of System.ServiceModel.dll is less than 3.0.4506.5452
  • AND Microsoft .NET Framework 3.5 SP1 is installed
  • OR 4.0
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.1001
  • AND Microsoft .NET Framework 4.0 is installed
  • OR 4.5
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.18021
  • AND Microsoft .NET Framework 4.5 is installed
  • OR Check for vulnerable XP/2003
  • Win XP/2003
  • Microsoft Windows XP (32-bit) is installed
  • OR Microsoft Windows XP x64 is installed
  • OR Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • AND GDR/LDR
  • Check if the version of System.ServiceModel.dll is less than 3.0.4506.4037
  • OR LDR range
  • Check if version of System.ServiceModel.dll is greater than or equal to 3.0.4506.5000
  • AND Check if version of System.ServiceModel.dll is less than 3.0.4506.5845
  • AND Microsoft .NET Framework 3.0 SP2 is installed
  • OR Check for vulnerable Win 8/2012
  • Win 8/2012
  • Microsoft Windows 8 is installed
  • OR Microsoft Windows Server 2012 is installed
  • AND Check for vulnerable .Net 3.5/files
  • Check for vulnerable .Net 3.5
  • Either file/versions
  • Check if the version of System.drawing.dll is less than 2.0.50727.6401
  • OR Check if the version of System.ServiceModel.dll is less than 3.0.4506.6401
  • AND Microsoft .NET Framework 3.5 SP1 is installed
  • OR Check for vulnerable .Net 4.5
  • GDR/LDR
  • Check if the version of System.drawing.dll is less than 4.0.30319.18022
  • AND Microsoft .NET Framework 4.5 is installed
    • BACK