<< Back
CVE Number Vulnerability Product Severity Date
MS13-072 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537) Microsoft Office Important 11-09-2013

Technical Information

Brief overview of the risk:
This security update resolves 13 privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Office software.
Detailed Information on the risk:

Remote code execution vulnerabilities exist in the way that affected Microsoft Office software parses specially crafted files. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.


Further information on this exploit is available at : MS13-072

Affected Software

Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 1 (64-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office Compatibility Pack Service Pack 3