Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
TitleVulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2830397)
Informations
NameMS13-042First vendor Publication2013-05-14
VendorMicrosoftLast vendor Modification2013-05-14
Severity (Vendor) ImportantRevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (May 14, 2013): Bulletin published.

Summary: This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user open a specially crafted Publisher file with an affected version of Microsoft Publisher. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms13-042

CWE : Common Weakness Enumeration

%idName
38 %CWE-20Improper Input Validation
25 %CWE-189Numeric Errors (CWE/SANS Top 25)
12 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)
12 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
12 %CWE-94Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16765
 
Oval ID: oval:org.mitre.oval:def:16765
Title: Pointer handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1328
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Microsoft Publisher 2007
Microsoft Publisher 2010
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16584
 
Oval ID: oval:org.mitre.oval:def:16584
Title: Negative value allocation vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1316
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16525
 
Oval ID: oval:org.mitre.oval:def:16525
Title: Return value validation vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1321
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16355
 
Oval ID: oval:org.mitre.oval:def:16355
Title: Signed integer vulnerability in Microsoft Publisher - MS13-042
Description: Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1327
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16733
 
Oval ID: oval:org.mitre.oval:def:16733
Title: Incorrect NULL value handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1323
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16749
 
Oval ID: oval:org.mitre.oval:def:16749
Title: Return value handling vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1319
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16554
 
Oval ID: oval:org.mitre.oval:def:16554
Title: Buffer underflow vulnerability in Microsoft Publisher - CVE-2013-1329 - MS13-042
Description: Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1329
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16682
 
Oval ID: oval:org.mitre.oval:def:16682
Title: Corrupt interface pointer vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1318
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16548
 
Oval ID: oval:org.mitre.oval:def:16548
Title: Integer overflow vulnerability in Microsoft Publisher - MS13-042
Description: Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1317
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16669
 
Oval ID: oval:org.mitre.oval:def:16669
Title: Invalid range check vulnerability in Microsoft Publisher - MS13-042
Description: Microsoft Publisher 2003 SP3 does not properly check table range data, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Invalid Range Check Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1322
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16776
 
Oval ID: oval:org.mitre.oval:def:16776
Title: Buffer overflow vulnerability in Microsoft Publisher - MS13-042
Description: Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1320
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Publisher 2003
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3

Information Assurance Vulnerability Management (IAVM)

DateDescription
2013-05-16IAVM : 2013-A-0107 - Multiple Microsoft Publisher Remote Code Execution Vulnerabilities
Severity : Category II - VMSKEY : V0037937

Nessus® Vulnerability Scanner

DateDescription
2013-05-15Name : Microsoft Publisher, a component of Microsoft Office installed on the remote ...
File : smb_nt_ms13-042.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2016-04-27 02:01:52
  • Multiple Updates
2014-02-17 11:47:40
  • Multiple Updates
2013-11-11 12:41:33
  • Multiple Updates
2013-05-16 17:04:50
  • Multiple Updates
2013-05-15 13:21:21
  • Multiple Updates
2013-05-14 21:15:43
  • First insertion