Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

Bugtraq ID:	58360
Class:	Unknown
CVE:	CVE-2013-1286
Remote:	No
Local:	Yes
Published:	Mar 12 2013 12:00AM
Updated:	Mar 12 2013 12:00AM
Credit:	Andy Davis of NCC Group
Vulnerable:	Microsoft Windows XP Service Pack 3 0 Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows Vista Service Pack 2 0 Microsoft Windows Server 2008 R2 Itanium SP1 Microsoft Windows Server 2008 R2 Itanium 0 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems 0 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems 0 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for 32-bit Systems 0
Not Vulnerable:

Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

References:

• Microsoft Windows Homepage (Microsoft )