CVE-2013-3851

critical Microsoft
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
53.2%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: September 11, 2013 (4628 days ago)
Last Modified: April 29, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

CWE

CWE-119

Affected Products

microsoft office compatibility packmicrosoft wordmicrosoft word viewer

References

🔗 www.us-cert.gov 🔗 docs.microsoft.com 🔗 oval.cisecurity.org 🔗 www.us-cert.gov 🔗 docs.microsoft.com