CVE-2013-6791

EUVD-2013-6593
Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
microsoftenhanced_mitigation_experience_toolkit
𝑥
≤ 3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blogs.technet.com/b/srd/archive/2013/06/17/emet-4-0-now-available-for-download.aspx
http://en.nsfocus.com/advisories/1301.html
http://www.securitytracker.com/id/1029411
http://blogs.technet.com/b/srd/archive/2013/06/17/emet-4-0-now-available-for-download.aspx
http://en.nsfocus.com/advisories/1301.html
http://www.securitytracker.com/id/1029411