Remote Code Execution Vulnerability in Microsoft Access Software
CVE-2013-3157

Currently unrated

Key Information:

Vendor: Microsoft
Status: Access
Vendor: CVE Published:; 11 September 2013

Summary

A vulnerability exists in Microsoft Access that can allow remote attackers to execute arbitrary code or trigger a denial of service. This occurs via specially crafted Access files that exploit memory corruption issues. Affected versions include Microsoft Access 2007 SP3, 2010 SP1, SP2, and 2013. Attackers could leverage this vulnerability to gain control over the affected system.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/ncas/alerts/TA13-253A

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2013
Vulnerability Reserved
Apr 17, 2013