Remote Code Execution Vulnerability in Microsoft Publisher 2003 SP3
CVE-2013-1318

Currently unrated

Key Information:

Vendor: Microsoft
Status: Publisher
Vendor: CVE Published:; 15 May 2013

What is CVE-2013-1318?

Microsoft Publisher 2003 SP3 contains a vulnerability that can be exploited by remote attackers to execute arbitrary code through a specially crafted Publisher file. This flaw arises when the application accesses an invalid pointer, potentially leading to unauthorized actions within the user's system. Users of Microsoft Publisher 2003 SP3 are advised to apply security updates and exercise caution when opening Publisher files from untrusted sources to protect their data and systems.

References

http://www.us-cert.gov/ncas/alerts/TA13-134A

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

61% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2013
Vulnerability Reserved
Jan 12, 2013