Remote Code Execution Vulnerability in Microsoft Publisher 2003 by Microsoft
CVE-2013-1321

Currently unrated

Key Information:

Vendor: Microsoft
Status: Publisher
Vendor: CVE Published:; 15 May 2013

What is CVE-2013-1321?

Microsoft Publisher 2003 SP3 contains a vulnerability that fails to properly validate the data type of an unspecified return value. This flaw can be exploited by attackers who craft malicious Publisher files, enabling them to execute arbitrary code on a victim's system upon opening the compromised document. Such exploitation can lead to unauthorized actions and compromise of sensitive information. It is crucial for users to ensure their systems are updated to mitigate this risk.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.us-cert.gov/ncas/alerts/TA13-134A

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

53% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 15, 2013
Vulnerability Reserved
Jan 12, 2013