CVE-2013-3891

Published: Oct 9, 2013Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."

Affected (1)

Products: Microsoft: Word

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Word	Version 2003 sp3

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://www.us-cert.gov/ncas/alerts/TA13-288A

Source: secure@microsoft.com

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-086

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18643

Source: secure@microsoft.com

http://www.us-cert.gov/ncas/alerts/TA13-288A

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-086

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18643

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.