fkie_cve-2013-1315
Vulnerability from fkie_nvd
Published
2013-09-11 14:03
Modified
2025-04-11 00:51
Severity ?
Summary
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | excel | 2003 | |
microsoft | excel | 2007 | |
microsoft | excel | 2010 | |
microsoft | excel | 2010 | |
microsoft | excel | 2010 | |
microsoft | excel | 2013 | |
microsoft | excel | 2013 | |
microsoft | excel | 2013 | |
microsoft | excel_viewer | * | |
microsoft | office | 2011 | |
microsoft | office_compatibility_pack | * | |
microsoft | sharepoint_foundation | 2010 | |
microsoft | sharepoint_foundation | 2010 | |
microsoft | sharepoint_foundation | 2010 | |
microsoft | sharepoint_portal_server | 2003 | |
microsoft | sharepoint_server | 2007 | |
microsoft | sharepoint_server | 2010 | |
microsoft | sharepoint_server | 2010 | |
microsoft | sharepoint_services | 2.0 | |
microsoft | sharepoint_services | 3.0 | |
microsoft | office_web_apps | 2010 | |
microsoft | office_web_apps | 2010 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "94F5E2F8-0D37-4FCC-B55A-9F09C421272C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2010:sp1:*:*:*:*:*:*", "matchCriteriaId": "96EBA20F-201E-43AA-9F83-B73FB31696C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*", "matchCriteriaId": "5E01525C-A3AB-4AB7-82F9-B91E4D552FD7", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:x86:*:*", "matchCriteriaId": "3C4CFF7E-7170-4A6B-9A59-9815EE896C62", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:*:*", "matchCriteriaId": "0390EFCA-87B4-42D6-817A-603765F49816", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:x64:*", "matchCriteriaId": "08795370-2A25-4F0D-970D-9B087F980BBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:x86:*:*", "matchCriteriaId": "78F27907-6FAB-4A9D-B100-B3D170520A74", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "971EC323-267F-4DAF-BA3B-10A47A9F1ADA", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*", "matchCriteriaId": "0D84FC39-29AA-4EF2-ACE7-E72635126F2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "matchCriteriaId": "0C86EA4A-7108-4A3A-A447-19CB3CA76B08", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "matchCriteriaId": "0C86EA4A-7108-4A3A-A447-19CB3CA76B08", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "81443CAD-F47E-4FD1-8E0E-8D646C90E4E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "D133FB73-C7F6-481C-B050-C242C771ED21", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "matchCriteriaId": "6B7AEA5E-C3D7-4E6D-96F0-5F9A175631C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "matchCriteriaId": "6FA65D4A-00C8-47E2-AF9F-6B420017CD29", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "9A57C675-05A9-4BC2-AE95-7CA5CA6B1F73", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "858F70F4-3128-477D-ACAA-73F0AFA23A2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "55C05DB1-03DC-454B-85E5-715938F0E13E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "matchCriteriaId": "343EEB54-C1B1-4D7B-8780-5B5A5F2F840C", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "A8235774-4B57-4793-BE26-2CDE67532EDD", "vulnerable": false } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" }, { "lang": "es", "value": "Microsoft SharePoint Server 2007 SP3, 2010 SP1 y SP2, y 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office para Mac 2011; Excel Viewer; y Office Compatibility Pack SP3 permiten a un atacante remoto ejecutar c\u00f3digo a discrecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria), a trav\u00e9s de un documento Office manipulado, tambien conocida como \"Vulnerabilidad de Corrupci\u00f3n de Memoria en Microsoft Office\"." } ], "id": "CVE-2013-1315", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-09-11T14:03:48.027", "references": [ { "source": "secure@microsoft.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067" }, { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073" }, { "source": "secure@microsoft.com", "tags": [ "Exploit" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18333" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18543" }, { "source": "secure@microsoft.com", "tags": [ "Vendor Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18333" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18950" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…