(MS13-044) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
Severity: MEDIUM
CVE Identifier: CVE-2013-1301
Advisory Date: MAY 17, 2013
DESCRIPTION
This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user opens a maliciously-crafted Visio file. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Visio 2010 Service Pack 1 (64-bit editions)
- Microsoft Visio 2003 Service Pack 3
- Microsoft Visio 2007 Service Pack 3
- Microsoft Visio 2010 Service Pack 1 (32-bit editions)