CVE-2013-1331
Published: 12 June 2013
Summary
CVE-2013-1331 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Microsoft Office. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 0.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-10 (Information Input Validation).
Deeper analysis
A buffer overflow vulnerability exists in Microsoft Office 2003 SP3 and Office 2011 for Mac due to improper memory allocation when processing crafted PNG image data embedded in Office documents. The flaw, tracked as CWE-120 and also known as the Office Buffer Overflow Vulnerability, affects document handling components in these specific Office versions.
Remote attackers can exploit the issue by delivering a malicious Office document containing specially crafted PNG data. Successful exploitation grants the ability to execute arbitrary code on the target system with the privileges of the logged-in user, provided the document is opened.
Microsoft security bulletin MS13-051 and US-CERT alert TA13-168A address the vulnerability and direct administrators to apply the corresponding patches. OVAL definitions are available to support detection of affected installations.
No information on observed in-the-wild exploitation is supplied in the source data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2013-1371
Vulnerability details
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
- CWE(s)
- KEV Date Added
- 08 June 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely application of the Microsoft patch (MS13-051) that eliminates the PNG buffer-overflow flaw in Office 2003/2011.
Mandates input validation on untrusted PNG data embedded in documents, directly addressing the CWE-120 improper memory allocation root cause.
Requires memory-protection mechanisms (e.g., DEP, ASLR) that can block arbitrary-code execution resulting from the Office buffer overflow.