Memory Corruption Vulnerability in Microsoft Visio Viewer 2010
CVE-2012-0020

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visio Viewer
Vendor: CVE Published:; 14 February 2012

Summary

Microsoft Visio Viewer 2010 and its Service Pack 1 versions have a vulnerability that improperly handles memory during the parsing of VSD files. This flaw can be exploited by remote attackers who craft specially designed Visio files with malicious attributes, enabling them to execute arbitrary code on the victim's machine. Organizations using these versions of Visio Viewer are advised to apply necessary updates to safeguard against potential exploitation.

References

http://www.us-cert.gov/cas/techalerts/TA12-045A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 14, 2012
Vulnerability Reserved
Nov 9, 2011