CISA KEV 정보
| 취약점명 | Microsoft Office Buffer Overflow Vulnerability |
|---|---|
| 설명 | Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Unknown |
| CWE | CWE-119 |
| 등록일 (KEV) | 2022-06-08 |
| 조치 기한 | 2022-06-22 |
| 추가 참고 | https://nvd.nist.gov/vuln/detail/CVE-2013-1331 |
NVD 상세 정보
CVSS v3.1: 7.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HCVSS v2.0: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C설명: Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
CWE: CWE-120 | CWE-120
참조
- http://www.us-cert.gov/ncas/alerts/TA13-168A [Third Party Advisory, US Government Resource]
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051 [Patch, Vendor Advisory]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713 [Broken Link]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732 [Broken Link]
- http://www.us-cert.gov/ncas/alerts/TA13-168A [Third Party Advisory, US Government Resource]
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051 [Patch, Vendor Advisory]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713 [Broken Link]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732 [Broken Link]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-1331
This product uses the NVD API but is not endorsed or certified by the NVD.