Integer Overflow Vulnerability in Microsoft Publisher 2003
CVE-2013-1317

Currently unrated

Key Information:

Vendor: Microsoft
Status: Publisher
Vendor: CVE Published:; 15 May 2013

What is CVE-2013-1317?

An integer overflow vulnerability exists in Microsoft Publisher 2003 SP3, which can be exploited by remote attackers through specially crafted Publisher files. When a malicious file is opened, it leads to an improper allocation-size calculation, which may allow execution of arbitrary code. Users are encouraged to update their software to prevent potential exploitation.

References

http://www.us-cert.gov/ncas/alerts/TA13-134A

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 15, 2013
Vulnerability Reserved
Jan 12, 2013