SecuritySpace - CVE-2013-5057

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-5057

Description: hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."

Test IDs: 1.3.6.1.4.1.25623.1.0.903420

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-5057
Microsoft Security Bulletin: MS13-106
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-106

CVE ID:	CVE-2013-5057
Description:	hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
Test IDs:	1.3.6.1.4.1.25623.1.0.903420
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5057 Microsoft Security Bulletin: MS13-106 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-106