Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0138

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0138
Last Modified 15 Nov 2013 12:32:30
Published 14 Feb 2012 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0138

Summary

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.

Vulnerable Systems

Application

  • Microsoft Visio Viewer 2010


References

MS - MS12-015

CERT - TA12-045A

Related Patches

MS12-015 Security Update for Microsoft Visio Viewer 2010 32-Bit Edition (KB2597170)

MS12-015 Security Update for Microsoft Visio Viewer 2010 64-Bit Edition (KB2597170)


Last Updated: 27 May 2016 10:58:16