CVE-2013-1331

high Microsoft ⚠️ CISA KEV — Exploited in the Wild
CVSS v3 Base Score
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
88.9%
Exploitation probability in 30 days
Top 0% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Published: June 12, 2013 (4720 days ago)
Last Modified: April 22, 2026
Vendor: Microsoft
Source: NVD

⚠️ CISA Known Exploited Vulnerability

Added to KEV: 2022-06-08
Remediation Due: 2022-06-22 (⚠ 1423d overdue)

Description

Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

CWE

CWE-120

Affected Products

microsoft office

References

🔗 www.us-cert.gov 🔗 docs.microsoft.com 🔗 oval.cisecurity.org 🔗 oval.cisecurity.org 🔗 www.us-cert.gov