Lucene search

[email protected]CVE-2013-3156

HistorySep 11, 2013 - 2:03 p.m.

CVE-2013-3156

2013-09-1114:03:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-3156

microsoft access

remote code execution

memory corruption

nvd

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.872 High

EPSS

Percentile

98.6%

JSON

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka “Access File Format Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:accessmicrosoft accesseq2013
microsoft:accessmicrosoft accesseq2010
microsoft:accessmicrosoft accesseq2007

CPE	Name	Operator	Version
microsoft:access	microsoft access	eq	2013
microsoft:access	microsoft access	eq	2010
microsoft:access	microsoft access	eq	2007

References

www.us-cert.gov/ncas/alerts/TA13-253A

docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-074

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18442

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.872 High

EPSS

Percentile

98.6%

JSON

Related for CVE-2013-3156

symantec1 prion1 checkpoint_advisories1 openvas2 nessus1 mskb1 securityvulns1