Buffer overflow in Microsoft Excel

CVE-2013-1315

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attack…

Vulnerability class: Buffer Overflow

EPSS: 0.737 (98.8th percentile) — read the EPSS interpretation.

Affected products

Microsoft Excel — versions 2003, 2007, 2010
Microsoft Excel_viewer
Microsoft Office — versions 2011
Microsoft Office_compatibility_pack
Microsoft Office_web_apps — versions 2010
Microsoft Sharepoint_foundation — versions 2010
Microsoft Sharepoint_portal_server — versions 2003
Microsoft Sharepoint_server — versions 2007, 2010
Microsoft Sharepoint_services — versions 2.0, 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

oval:org.mitre.oval:def:18950 (Vendor Advisory, x_refsource_OVAL, signature, vdb-entry)
MS13-073 (x_refsource_MS, vendor-advisory, Patch, Vendor Advisory)
oval:org.mitre.oval:def:18333 (x_refsource_OVAL, signature, Exploit, vdb-entry)
oval:org.mitre.oval:def:18543 (Vendor Advisory, x_refsource_OVAL, signature, vdb-entry)
MS13-067 (x_refsource_MS, vendor-advisory, Patch, Vendor Advisory)
TA13-253A (US Government Resource, Third Party Advisory, x_refsource_CERT, third-party-advisory)