Vulnerability in Microsoft Windows_8
CVE-2013-1305
HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."
EPSS: 0.832 (99.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Windows_8
- Microsoft Windows_rt
- Microsoft Windows_server_2012
- N/a — versions n/a
Weakness classification (CWE)
References
- TA13-134A (US Government Resource, Third Party Advisory, x_refsource_CERT, third-party-advisory)
- oval:org.mitre.oval:def:16088 (x_refsource_OVAL, signature, vdb-entry)
- MS13-039 (x_refsource_MS, vendor-advisory)