Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-3160
HistorySep 11, 2013 - 2:03 p.m.

CVE-2013-3160

2013-09-1114:03:48
CWE-200
[email protected]
web.nvd.nist.gov
24
cve-2013-3160
microsoft office
word
xxe
vulnerability
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.035 Low

EPSS

Percentile

91.6%

JSON

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka โ€œXML External Entities Resolution Vulnerability.โ€

Affected configurations

NVD
Node
microsoftofficeMatch2003sp3
OR
microsoftofficeMatch2007sp3
OR
microsoftwordMatch2003sp3
OR
microsoftwordMatch2007sp3
OR
microsoftword_viewer

Related

nvd 1
symantec 1
ptsecurity 1
cvelist 1
seebug 1
prion 1
openvas 8
nessus 1
securityvulns 1
nvd
nvd
CVE-2013-3160
2013-09-11 14:03:48
symantec
symantec
Microsoft Word CVE-2013-3160 XML Files Handling Information Disclosure Vulnerability
2013-09-10 00:00:00
ptsecurity
ptsecurity
PT-2013-73: XML External Entities Resolution vulnerability in Microsoft Office Word
2012-11-26 00:00:00
cvelist
cvelist
CVE-2013-3160
2013-09-11 10:00:00
seebug
seebug
Microsoft Word XMLๆ–‡ไปถๅค„็†ไฟกๆฏๆณ„้œฒๆผๆดž(CVE-2013-3160)(MS13-072)
2013-09-13 00:00:00
prion
prion
Xxe
2013-09-11 14:03:00
openvas
openvas
Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)
2013-09-11 00:00:00
Microsoft Office Remote Code Execution Vulnerabilities (2845537)
2013-09-11 00:00:00
Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)
2013-09-11 00:00:00
nessus
nessus
MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)
2013-09-11 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2013-09-11 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.035 Low

EPSS

Percentile

91.6%

JSON
Related for CVE-2013-3160
nvd1symantec1ptsecurity1cvelist1seebug1prion1openvas8nessus1securityvulns1