CVE-2013-3582 Detail Current Description Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value.

View Analysis Description Analysis Description Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value. Severity CVSS Version 3.x CVSS Version 2.0



CVSS 3.x Severity and Metrics:

NIST: NVD Base Score: N/A NVD score not yet provided. CVSS 2.0 Severity and Metrics:



NIST: NVD Base Score: 7.6 HIGH Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C) Weakness Enumeration CWE-ID CWE Name Source CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer NIST Known Affected Software Configurations Switch to CPE 2.2 CPEs loading, please wait. Denotes Vulnerable Software

Are we missing a CPE here? Please let us know.

Change History 1 change records found show changes Initial CVE Analysis 8/27/2013 6:27:45 PM Action Type Old Value New Value Quick Info CVE Dictionary Entry:

CVE-2013-3582

NVD Published Date:

08/28/2013

NVD Last Modified:

10/07/2013

Source:

MITRE

