CVE-2013-1315

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server versions 2007 SP3, 2010 SP1 and SP2, and 2013 Office Web Apps 2010 Excel versions 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT Office for Mac 2011 Excel Viewer Office Compatibility Pack SP3

Description A remote code execution issue exists due to the way Microsoft Excel parses content in Excel files, potentially allowing an attacker to execute arbitrary code or cause a denial of service through memory corruption. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with fewer user rights on the system compared to those operating with administrative user rights.

Recommendations For Microsoft SharePoint Server versions 2007 SP3, 2010 SP1 and SP2, and 2013, update to a version that includes the fix for this issue. For Office Web Apps 2010, update to a version that includes the fix for this issue. For Excel versions 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT, update to a version that includes the fix for this issue. For Office for Mac 2011, update to a version that includes the fix for this issue. For Excel Viewer, update to a version that includes the fix for this issue. For Office Compatibility Pack SP3, update to a version that includes the fix for this issue.