CVE-2013-1331
CVE-2013-1331
In short
Microsoft Office 2003 and 2011 for Mac contain a buffer overflow flaw when processing specially crafted PNG images in documents. An attacker can exploit this to run malicious code on a victim's computer by sending a document with a malicious image.
Technical detail
A buffer overflow vulnerability exists in PNG image processing within Microsoft Office 2003 SP3 and Office 2011 for Mac, triggered by improper memory allocation of crafted PNG data embedded in Office documents. Remote code execution is possible when a user opens a malicious document containing the affected PNG data; no additional privileges or user interaction beyond opening the document is required.
Summary generated and translated by AI from the official description.
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1331http://www.us-cert.gov/ncas/alerts/TA13-168A