Stack-Based Buffer Overflow in Microsoft Office Products
CVE-2013-1324

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office 2013 Rt; Office
Vendor: CVE Published:; 13 November 2013

Summary

A stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT can be exploited by remote attackers through specially crafted WordPerfect documents (.wpd). This vulnerability potentially allows the execution of arbitrary code, posing significant risks to users when opening malicious files.

References

http://www.us-cert.gov/ncas/alerts/TA13-317A

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

55% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 13, 2013
Vulnerability Reserved
Jan 12, 2013