How severe is CVE-2013-3940?

This vulnerability has a severity rating of HIGH with a CVSS score of 9.3 out of 10.

What type of vulnerability is CVE-2013-3940?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2013-3940

HIGH Year: 2013

CVSS v2 Score

9.3

Critical

Weakness Type

CWE-190

View all →

Vulnerability Description

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability."

CVE-2020-27484

CRITICAL

CVSS:9.9(Critical)

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ ...

CWE-1902020

CVE-2022-1699

CRITICAL

CVSS:9.9(Critical)

Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resou...

CWE-1902022

CVE-2002-0391

CRITICAL

CVSS:9.8(Critical)

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by...

CWE-1902002

CVE-2002-0639

CRITICAL

CVSS:9.8(Critical)

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using...

CWE-1902002

CVE-2005-0102

CRITICAL

CVSS:9.8(Critical)

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte ...

CWE-1902005

CVE-2005-1141

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi...

CWE-1902005

CVE-2013-3940

Vulnerability Description

Related Vulnerabilities

CVE-2020-27484

CVE-2022-1699

CVE-2002-0391

CVE-2002-0639

CVE-2005-0102

CVE-2005-1141