9.3

CVE-2013-3889

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExcel Version2010 Updatesp2 HwPlatformx64
MicrosoftExcel Version2010 Updatesp2 SwPlatformx86
MicrosoftExcel Version2013 HwPlatformx64
MicrosoftExcel Version2013 SwPlatformx86
MicrosoftOffice Version2007 Updatesp3
MicrosoftOffice Version2010 Updatesp1 Editionx64
MicrosoftOffice Version2010 Updatesp1 Editionx86
MicrosoftOffice Version2011 Editionmac
MicrosoftOffice Version2013
MicrosoftOffice 2013 Rt Version-
MicrosoftOffice Web Apps Version2010 Updatesp1
MicrosoftOffice Web Apps Version2010 Updatesp2
MicrosoftSharepoint Server Version2007 Updatesp3
MicrosoftSharepoint Server Version2013
MicrosoftSharepoint Server Version2010 Updatesp1
MicrosoftSharepoint Server Version2010 Updatesp2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 59.51% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.