GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2, Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2, Office Compatibility Pack SP3, and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
Published: 2013-11-06
CVSS: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Download Exploit for CVE-2013-3906 here:
Use Tor Browser to access .onion links.
Check our team here:
https://wednesfieldacademy.com/exploit-250-cve-2024-29736/
https://wednesfieldacademy.com/exploit-464-cve-2025-9086/
