Security bypass vulnerability in Microsoft EMET via a return-oriented programming (ROP) attack.| ID: oval:org.secpod.oval:def:16215 | Date: (C)2013-12-17 (M)2022-10-10 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 and is prone to security bypass vulnerability. The flaw is present in the application, which fails to handle the predictable addresses for hooked functions. Successful exploitation allows remote attacker to defeat the ASLR protection mechanism.
| Platform: |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows Server 2003 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Vista |
| Microsoft Windows XP |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2012 R2 |
| Product: |
| Microsoft Enhanced Mitigation Experience Toolkit |
