Lucene search
K

3 matches found

seebug.org
seebug.org
added 2013/09/13 12:0 a.m.36 views

Microsoft Word XML文件处理信息泄露漏洞(CVE-2013-3160)(MS13-072)

BUGTRAQ ID: 62162 CVECAN ID: CVE-2013-3160 Microsoft Word 属于办公软件是微软公司的一个文字处理器应用程序 Microsoft Word 分析包含外部实体的特制 XML 文件的方式中存在一个信息泄露漏洞。处理XML数据时出错,通过发送包含外部实体引用的特制XML数据,攻击者可获取本地文件内容 0 Microsoft Office 2010 Microsoft Office 2007 Microsoft Office 2003 临时解决方法: 安装和配置 MOICE 以 成为 .doc 文件的注册处理程序 使用 Microsoft...

5CVSS6.8AI score0.24158EPSS
Exploits1
CVE
CVE
added 2013/09/11 10:0 a.m.62 views

CVE-2013-3160

CVE-2013-3160 corresponds to an XXE vulnerability in Microsoft Office 2003 SP3/2007 SP3, Word 2003/2007, and Word Viewer. Its root cause is improper handling of XML with an external entity declaration and an entity reference, allowing a remote attacker to read local files. Connected sources enume...

5CVSS6.5AI score0.24158EPSS
Exploits1References3Affected Software3
Tenable Nessus
Tenable Nessus
added 2013/09/11 12:0 a.m.64 views

MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)

The remote Windows host is running a version of Microsoft Office, Microsoft Word, Office Compatibility Pack, or Microsoft Word Viewer that is affected by the following remote code execution vulnerabilities : - A remote code execution vulnerability exists due to the way the XML parser used by Word...

9.3CVSS7AI score0.24158EPSS
Exploits2References14
Rows per page
Query Builder