← Back

CVE-2013-1331

nvd nist
Published: Jun 12, 2013Modified: Apr 22, 2026CISA KEV

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

Affected (2)

Products: Microsoft: Office
Microsoft
1 product
Office
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Office
Version 2003 sp3
Office
Version 2011

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (9)

Source: secure@microsoft.com
Third Party AdvisoryUS Government Resource
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Broken Link
Source: secure@microsoft.com
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.