(MS13-035) Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)

  Severity: HIGH
  CVE Identifier: CVE-2013-1289
  Advisory Date: MAY 14, 2013

  DESCRIPTION

This security update resolves a reported vulnerability in Microsoft Office. The vulnerability, if left unpatched, may allow elevation of privilege if an attacker sends specially crafted content to a user.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Groove Server 2010 Service Pack 1
  • Microsoft InfoPath 2010 Service Pack 1 (32-bit editions)
  • Microsoft InfoPath 2010 Service Pack 1 (64-bit editions)
  • Microsoft SharePoint Server 2010 Service Pack 1
  • Microsoft Office Web Apps 2010 Service Pack 1