CVE-2013-3889

Loading...

General

Score:9.3/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2013-3890, CVE-2013-3895

Published on 09/10/13 - Updated on 19/09/17

Description

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2013-3889
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2013-AVI-563, CERTA-2013-AVI-564
Microsoft MS13-084, MS13-085
Renater 2013/VULN447, 2013/VULN448

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
microsoftexcel
microsoftexcel_viewer
microsoftoffice
microsoftoffice_2013_rt
microsoftoffice_compatibility_pack
microsoftoffice_web_apps
microsoftsharepoint_server

Share this vulnerability with:

Twitter Facebook LinkedIn Mail