First published: Wed Sep 11 2013(Updated: )
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Excel | =2003-sp3 | |
Microsoft Excel | =2007-sp3 | |
Microsoft Excel | =2010-sp1 | |
Microsoft Excel | =2010-sp2 | |
Microsoft Excel | =2010-sp2 | |
Microsoft Excel | =2013 | |
Microsoft Excel | =2013 | |
Microsoft Excel | =2013 | |
Microsoft Excel Viewer | ||
Microsoft Office | =2011 | |
Microsoft Office Compatibility Pack | =sp3 | |
Microsoft SharePoint Foundation | =2010-sp1 | |
Microsoft SharePoint Foundation | =2010-sp2 | |
Microsoft SharePoint Portal Server | =2003-sp3 | |
Microsoft SharePoint Server | =2007-sp3 | |
Microsoft SharePoint Server | =2010-sp1 | |
Microsoft SharePoint Server | =2010-sp2 | |
Microsoft Sharepoint Services | =2.0 | |
Microsoft Sharepoint Services | =3.0 | |
Microsoft Office Web Apps | =2010-sp1 | |
Microsoft Office Web Apps | =2010-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-1315 is a vulnerability in Microsoft SharePoint Server, Office Web Apps, Excel, and other related software that allows remote attackers to execute arbitrary code or cause a denial of service.
CVE-2013-1315 is considered critical, with a severity rating of 9.3 out of 10.
CVE-2013-1315 affects Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, Office Web Apps 2010, Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT, Office for Mac 2011, Excel Viewer, and Office Compatibility Pack SP3.
To fix CVE-2013-1315, it is recommended to apply the security updates provided by Microsoft. Please refer to the official Microsoft security bulletins for more information.
Yes, you can find additional information about CVE-2013-1315 at the US-CERT website and the official Microsoft security bulletins.