CVE-2013-6791 in Microsoft Enhanced Mitigation Experience Toolkit EMET
Zusammenfassung (Englisch)
Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack.
Reservieren
13.11.2013
Veröffentlichung
29.11.2013
Einträge
VulDB provides additional information and datapoints for this CVE:
| ID | Schwachstelle | CWE | Aus | Mas | CVE |
|---|---|---|---|---|---|
| 11333 | Microsoft Enhanced Mitigation Experience Toolkit EMET ASLR Information Disclosure | 200 | Proof-of-Concept | Offizieller Fix | CVE-2013-6791 |