(MS13-044) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)

  Severity: MEDIUM
  CVE Identifier: CVE-2013-1301
  Advisory Date: MAY 17, 2013

  DESCRIPTION

This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user opens a maliciously-crafted Visio file. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Visio 2010 Service Pack 1 (64-bit editions)
  • Microsoft Visio 2003 Service Pack 3
  • Microsoft Visio 2007 Service Pack 3
  • Microsoft Visio 2010 Service Pack 1 (32-bit editions)