Vulnerability Details CVE-2013-1331
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.877
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
Proposed Action
Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document.
Ransomware Campaign
Unknown
References
- http://www.us-cert.gov/ncas/alerts/TA13-168A
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732
- http://www.us-cert.gov/ncas/alerts/TA13-168A
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732