Memory Corruption Vulnerability in Microsoft Visio Viewer 2010
CVE-2012-0018

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visio Viewer
Vendor: CVE Published:; 9 May 2012

Summary

Microsoft Visio Viewer 2010, including its Gold and SP1 versions, fails to correctly validate attributes within Visio files. This flaw allows attackers to exploit the application by sending specially crafted files, potentially enabling them to execute arbitrary code on the victim's system. Users of this software are recommended to apply security updates to mitigate potential risks associated with this vulnerability.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://exchange.xforce.ibmcloud.com/vulnerabilities/75115

vdb-entryx_refsource_XF

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

53% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 9, 2012
Vulnerability Reserved
Nov 9, 2011