ID CVE-2013-1319
Summary Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:publisher:2003:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:publisher:2003:sp3:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 12-10-2018 - 22:04)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
non_vulnerable_configuration via4
    oval via4
    accepted 2014-08-18T04:01:47.135-04:00
    class vulnerability
    contributors
    • name SecPod Team
      organization SecPod Technologies
    • name Maria Kedovskaya
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    definition_extensions
    comment Microsoft Publisher 2003 SP3 is installed
    oval oval:org.mitre.oval:def:16382
    description Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
    family windows
    id oval:org.mitre.oval:def:16749
    status accepted
    submitted 2013-05-17T11:17:16
    title Return value handling vulnerability in Microsoft Publisher - MS13-042
    version 12
    refmap via4
    cert TA13-134A
    ms MS13-042
    vulnerable_product via4 cpe:2.3:a:microsoft:publisher:2003:sp3:*:*:*:*:*:*
    Last major update 12-10-2018 - 22:04
    Published 15-05-2013 - 03:36
    Back to Top