New Search

Word Memory Corruption Vulnerability (CVE-2013-3160) - MS13-072

oval:org.mitre.oval:def:18819

Microsoft Office 2003 SP3 and 2007 SP3 Word 2003 SP3 and 2007 SP3 and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference related to an XML External Entity (XXE) issue aka "XML External Entities Resolution Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Vista
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows 8
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2013-3160
Product(s):
  • Microsoft Office Compatibility Pack
  • Microsoft Word 2007
  • Microsoft Word 2003
  • Microsoft Word Viewer