Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1979

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1979
Last Modified 04 Oct 2011 10:54:29
Published 10 Aug 2011 05:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1979

Summary

Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."

Vulnerable Systems

Application

  • Microsoft Visio 2003

  • Microsoft Visio 2007


References

CERT - TA11-221A

MS - MS11-060

Related Patches

MS11-060 Security Update for Microsoft Visio 2010, 32-Bit Edition (KB2553008)

MS11-060 Security Update for Microsoft Visio 2010, 64-Bit Edition (KB2553008)

MS11-060 2560978 2553009 (English/MUI) Security Update for Microsoft Visio 2003

MS11-060 2560978 2553008 Security Update for Microsoft Visio 2010 (All Languages)


Last Updated: 27 May 2016 10:56:52