Oval Definition:oval:org.mitre.oval:def:18950
Revision Date:2014-06-30Version:23
Title:Microsoft Office Memory Corruption Vulnerability (CVE-2013-1315) - MS13-073
Description:Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-1315
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Excel 2013
Microsoft Excel Viewer 2007
Microsoft Office Compatibility Pack
Definition Synopsis
  • excel 2003/versions
  • Check if the version of excel.exe is less than 11.0.8404
  • AND Microsoft Excel 2003 SP3 is installed
  • OR excel 2007/versions
  • Check if the version of excel.exe is less than 12.0.6679.5000
  • AND Microsoft Excel 2007 SP3 is installed
  • OR excel viewer/versions
  • Microsoft Excel Viewer 2007 SP3 is installed
  • AND Check if the version of xlview.exe is less than 12.0.6679.5000
  • OR compatibility pack/versions
  • Check if the version of excelcnv.exe is less than 12.0.6679.5000
  • AND Microsoft Office Compatibility Pack SP3 is installed
  • OR excel 2010/versions
  • 2010 sp1/sp2
  • Microsoft Excel 2010 SP2 is installed
  • OR Microsoft Excel 2010 SP1 is installed
  • AND Check if the version of excel.exe is less than 14.0.7104.5000
  • OR excel 2013/versions
  • Microsoft Excel 2013 is installed
  • AND Check if the version of excel.exe is less than 15.0.4535.1003
    • BACK