Vulnerability in Microsoft Windows_xp

CVE-2013-1313

Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vuln…

EPSS: 0.610 (98.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_xp
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

MS13-037 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:16385 (x_refsource_OVAL, signature, vdb-entry)
TA13-043B (US Government Resource, x_refsource_CERT, third-party-advisory)
MS13-020 (x_refsource_MS, vendor-advisory)