Back to search
CVE-2013-1296
Published: Apr 9, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a deleted object, and allows remote RDP servers to execute arbitrary code via unspecified vectors that trigger access to a deleted object, aka "RDP ActiveX Control Remote Code Execution Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
TA13-100A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:16598
vdb-entry
signature
x_refsource_OVAL
MS13-029
vendor-advisory
x_refsource_MS
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now