Integer Signedness Error in Microsoft Publisher 2003 by Microsoft
CVE-2013-1327

Currently unrated

Key Information:

Vendor: Microsoft
Status: Publisher
Vendor: CVE Published:; 15 May 2013

What is CVE-2013-1327?

An integer signedness error in Microsoft Publisher 2003 SP3 creates a vulnerability that could allow remote attackers to execute arbitrary code. This issue arises when a crafted Publisher file is processed, leading to improper memory allocation. By exploiting this flaw, attackers could gain unauthorized access to execute malicious instructions on the affected system, posing significant security risks to users.

References

http://www.us-cert.gov/ncas/alerts/TA13-134A

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

59% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 15, 2013
Vulnerability Reserved
Jan 12, 2013