MS13-051: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
High Nessus Plugin ID 66867
SynopsisThe remote Office install has a buffer overflow vulnerability.
DescriptionThe remote Windows host has a version of Microsoft Office that contains a buffer overflow vulnerability that arises because certain Microsoft Office components for processing PNG files do not properly handle memory allocation.
If an attacker can trick a user on the affected host into opening a specially crafted Office file, this issue could be leveraged to execute arbitrary code subject to the user's privileges.
SolutionMicrosoft has released a patch for Office 2003.