Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0079

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2013-0079
Last Modified 02 Nov 2013 11:29:21
Published 12 Mar 2013 08:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0079

Summary

Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Filter Pack 2010

  • Microsoft Visio 2010

  • Microsoft Visio Viewer 2010


References

MS - MS13-023

CERT - TA13-071A

CERT-VN - VU#851777

IDEFENSE - 20130312 Microsoft Office Visio Viewer ActiveX Type Confusion Vulnerability

Related Patches

MS13-023 Security Update for Microsoft Visio 2010 32-Bit Edition (KB2760762)

MS13-023 Security Update for Microsoft Filter Pack 2.0 32-Bit Edition (KB2553501)

MS13-023 Security Update for Microsoft Visio Viewer 2010 32-Bit Edition (KB2687505)

MS13-023 Security Update for Microsoft Visio 2010 64-Bit Edition (KB2760762)

MS13-023 Security Update for Microsoft Visio Viewer 2010 64-Bit Edition (KB2687505)

MS13-023 Security Update for Microsoft Filter Pack 2.0 64-Bit Edition (KB2553501)

Novell SUSE 2013:7599 firefox-20130404 security update for SLE 11 SP2 i586

Novell SUSE 2013:7599 firefox-20130404 security update for SLE 11 SP2 x86_64

Novell SUSE 2013:8537 firefox-20130404 security update for SLE 10 SP4 i586

Novell SUSE 2013:8537 firefox-20130404 security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 11:02:02