|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-10-09 | |
| Rule Name: | FILE-OFFICE Microsoft Office PNG File Handling Buffer Overflow Vulnerability -1 (CVE-2013-1331) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | MicrosoftSecurityBulletin:MS13-051 http://www.us-cert.gov/ncas/alerts/TA13-168A https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732 |
|
| Solutions |
|---|
| Applying the patch MS13-051 is able to eliminate this problem. The bugfix is ready for download at https://docs.microsoft.com/zh-cn/security-updates/Securitybulletins/2013/ms13-051 |