Lucene search

K
cve[email protected]CVE-2013-3159
HistorySep 11, 2013 - 2:03 p.m.

CVE-2013-3159

2013-09-1114:03:00
CWE-20
web.nvd.nist.gov
27
cve-2013-3159
microsoft excel
remote file read
xml external entity
xxe issue
nvd

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.101 Low

EPSS

Percentile

94.8%

Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka “XML External Entities Resolution Vulnerability.”

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.101 Low

EPSS

Percentile

94.8%