Buffer overflow in Microsoft Malware_protection_engine

CVE-2013-1346

mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.

Vulnerability class: Buffer Overflow

EPSS: 0.183 (95.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Malware_protection_engine
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secure@microsoft.com (x_refsource_CONFIRM, Patch, Vendor Advisory)