CVE-2013-1331

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3 and 2011 for Mac

Description The issue is related to a buffer overflow in Microsoft Office, allowing remote attackers to execute arbitrary code via crafted PNG data in an Office document. This leads to improper memory allocation. An attacker who successfully exploits this vulnerability could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than users operating with administrative user rights.

Recommendations For Microsoft Office 2003 SP3, update to a version that is not affected by this issue. For Microsoft Office 2011 for Mac, update to a version that is not affected by this issue. As a temporary workaround, consider avoiding the use of specially crafted Office files until a patch is available. Restrict access to sensitive data and systems to minimize the risk of exploitation.