Sign-up

ID

VAR-201308-0297


CVE

CVE-2013-5025


TITLE

National Instruments LabWindows/CVI of Help Subsystem vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003663

DESCRIPTION

An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files. LabWindows/CVI is prone to an unspecified security vulnerability. The impact of this issue is currently unknown. We will update this BID when more information emerges. Versions prior to LabWindows/CVI 2013 are vulnerable

Trust: 1.89

sources: NVD: CVE-2013-5025 // JVNDB: JVNDB-2013-003663 // BID: 61832

AFFECTED PRODUCTS

vendor:nimodel:labwindowsscope:eqversion:9.0

Trust: 1.6

vendor:nimodel:labwindowsscope:eqversion:8.5

Trust: 1.6

vendor:nimodel:labwindowsscope:eqversion:2010

Trust: 1.6

vendor:nimodel:labwindowsscope:eqversion: -

Trust: 1.6

vendor:nimodel:labwindowsscope:eqversion:2009

Trust: 1.6

vendor:nimodel:labwindowsscope:lteversion:2012

Trust: 1.0

vendor:national instrumentsmodel:labwindows/cviscope:ltversion:2013

Trust: 0.8

vendor:nimodel:labwindowsscope:eqversion:2012

Trust: 0.6

vendor:nimodel:labwindows/cviscope:eqversion:2012

Trust: 0.3

vendor:nimodel:labwindows/cviscope:eqversion:2010

Trust: 0.3

vendor:nimodel:labwindows/cviscope:eqversion:2009

Trust: 0.3

vendor:nimodel:labwindows/cviscope:neversion:2013

Trust: 0.3

sources: BID: 61832 // JVNDB: JVNDB-2013-003663 // CNNVD: CNNVD-201308-070 // NVD: CVE-2013-5025

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5025
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-5025
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201308-070
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2013-5025
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2013-003663 // CNNVD: CNNVD-201308-070 // NVD: CVE-2013-5025

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-5025

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201308-070

TYPE

Unknown

Trust: 0.3

sources: BID: 61832

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003663

PATCH
title:How Does NI Security Update 67L8ECQW for LabWindows/CVI Help Affect Me?url:http://digital.ni.com/public.nsf/websearch/DFFB9F8AD5014E9586257B36004F6E5D?OpenDocument
Trust: 0.8
title:How Do The NI Q2 2013 Security Updates Affect Me?url:http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument
Trust: 0.8
title:NI Q2 2013セキュリティアップデートについてurl:http://digital.ni.com/public.nsf/websearchj/A13EF8E8AE2CFAA886257B750076EC0B?OpenDocument
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-003663

EXTERNAL IDS
db:NVDid:CVE-2013-5025
Trust: 2.7
db:JVNDBid:JVNDB-2013-003663
Trust: 0.8
db:CNNVDid:CNNVD-201308-070
Trust: 0.6
db:BIDid:61832
Trust: 0.3
sources:
            
            
            BID: 61832 // 
            
            
            
            JVNDB: JVNDB-2013-003663 // 
            
            
            
            CNNVD: CNNVD-201308-070 // 
            
            
            
            NVD: CVE-2013-5025

REFERENCES
url:http://digital.ni.com/public.nsf/websearch/dffb9f8ad5014e9586257b36004f6e5d?opendocument
Trust: 1.9
url:http://digital.ni.com/public.nsf/websearch/507dec9da57a708186257b3600512623?opendocument
Trust: 1.6
url:http://digital.ni.com/public.nsf/allkb/493d011ee5c305fd86257bcf006c8540?opendocument
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5025
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5025
Trust: 0.8
url:http://www.ni.com/lwcvi/
Trust: 0.3
url:http://www.ni.com/
Trust: 0.3
sources:
            
            
            BID: 61832 // 
            
            
            
            JVNDB: JVNDB-2013-003663 // 
            
            
            
            CNNVD: CNNVD-201308-070 // 
            
            
            
            NVD: CVE-2013-5025

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 61832

SOURCES
db:BIDid:61832
db:JVNDBid:JVNDB-2013-003663
db:CNNVDid:CNNVD-201308-070
db:NVDid:CVE-2013-5025

LAST UPDATE DATE
2025-04-11T23:18:53.723000+00:00

SOURCES UPDATE DATE
db:BIDid:61832date:2013-08-06T00:00:00
db:JVNDBid:JVNDB-2013-003663date:2013-10-11T00:00:00
db:CNNVDid:CNNVD-201308-070date:2013-08-13T00:00:00
db:NVDid:CVE-2013-5025date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:BIDid:61832date:2013-08-06T00:00:00
db:JVNDBid:JVNDB-2013-003663date:2013-08-08T00:00:00
db:CNNVDid:CNNVD-201308-070date:2013-08-07T00:00:00
db:NVDid:CVE-2013-5025date:2013-08-06T20:55:05.497