(MS13-035) Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)
Severity: HIGH
CVE Identifier: CVE-2013-1289
Advisory Date: MAY 14, 2013
DESCRIPTION
This security update resolves a reported vulnerability in Microsoft Office. The vulnerability, if left unpatched, may allow elevation of privilege if an attacker sends specially crafted content to a user.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Groove Server 2010 Service Pack 1
- Microsoft InfoPath 2010 Service Pack 1 (32-bit editions)
- Microsoft InfoPath 2010 Service Pack 1 (64-bit editions)
- Microsoft SharePoint Server 2010 Service Pack 1
- Microsoft Office Web Apps 2010 Service Pack 1