Memory Corruption Vulnerability in Microsoft Visio Viewer 2010
CVE-2012-0019

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visio Viewer
Vendor: CVE Published:; 14 February 2012

What is CVE-2012-0019?

Microsoft Visio Viewer 2010, including Gold and SP1 versions, contains a memory corruption vulnerability due to improper handling of memory during the parsing of VSD files. Attackers can exploit this issue by crafting malicious attributes within Visio files, potentially allowing them to execute arbitrary code. This vulnerability underscores the importance of regularly updating and patching software to mitigate security risks associated with file handling and processing.

References

http://www.us-cert.gov/cas/techalerts/TA12-045A.html

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

41% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2012
Vulnerability Reserved
Nov 9, 2011