Lucene search

[email protected]NVD:CVE-2013-3889

HistoryOct 09, 2013 - 2:53 p.m.

CVE-2013-3889

2013-10-0914:53:25

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.877

Percentile

98.7%

JSON

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Excel Memory Corruption Vulnerability.”

Affected configurations

Nvd

Node

microsoftexcelMatch2010sp2x64

microsoftexcelMatch2010sp2x86

microsoftexcelMatch2013x64

microsoftexcelMatch2013x86

microsoftexcel_viewer

Node

microsoftofficeMatch2007sp3

microsoftofficeMatch2010sp1x64

microsoftofficeMatch2010sp1x86

microsoftofficeMatch2011mac

microsoftofficeMatch2013

microsoftoffice_2013_rtMatch-

microsoftoffice_compatibility_packsp3

Node

microsoftoffice_web_appsMatch2010sp1

microsoftoffice_web_appsMatch2010sp2

Node

microsoftsharepoint_serverMatch2007sp3

microsoftsharepoint_serverMatch2013

Node

microsoftsharepoint_serverMatch2010sp1

microsoftsharepoint_serverMatch2010sp2

VendorProductVersionCPE
microsoftexcel2010cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*
microsoftexcel2010cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:x86:*:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:x64:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:*:*:*:*:x86:*:*
microsoftexcel_viewer*cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*
microsoftoffice2007cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
microsoftoffice2010cpe:2.3:a:microsoft:office:2010:sp1:x64:*:*:*:*:*
microsoftoffice2010cpe:2.3:a:microsoft:office:2010:sp1:x86:*:*:*:*:*
microsoftoffice2011cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*
microsoftoffice2013cpe:2.3:a:microsoft:office:2013:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	excel	2010	cpe:2.3:a:microsoft:excel:2010:sp2:::::x64:*
microsoft	excel	2010	cpe:2.3:a:microsoft:excel:2010:sp2::::x86::*
microsoft	excel	2013	cpe:2.3:a:microsoft:excel:2013::::::x64:
microsoft	excel	2013	cpe:2.3:a:microsoft:excel:2013:::::x86::
microsoft	excel_viewer	*	cpe:2.3:a:microsoft:excel_viewer::::::::
microsoft	office	2007	cpe:2.3:a:microsoft:office:2007:sp3::::::
microsoft	office	2010	cpe:2.3:a:microsoft:office:2010:sp1:x64:::::*
microsoft	office	2010	cpe:2.3:a:microsoft:office:2010:sp1:x86:::::*
microsoft	office	2011	cpe:2.3:a:microsoft:office:2011::mac:::::
microsoft	office	2013	cpe:2.3:a:microsoft:office:2013:::::::*