CVSS: 9.3EPSS: 77%CPEs: 1EXPL: 2CVE-2010-3148 – Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3148
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability." Vulnerabilidad de ruta de búsqueda no confiable en Microsoft Visio 2003 permite a usuarios locales, y puede que atacantes remotos, ejecutar código de su elección y producir un ataque de secuestro de DLL, a través de un troyano mfc71enu.dll que está ubicado en la misma carpeta que un fichero .vtx. • https://www.exploit-db.com/exploits/14744 http://www.exploit-db.com/exploits/14744 http://www.us-cert.gov/cas/techalerts/TA11-193A.html http://www.vupen.com/english/advisories/2010/2192 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7122 •
CVSS: 7.6EPSS: 75%CPEs: 4EXPL: 3CVE-2010-1681 – Microsoft Visio - 'VISIODWG.dll .DXF' File Handling (MS10-028)
https://notcve.org/view.php?id=CVE-2010-1681
Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256. Desbordamiento de búffer basado en pila en VISIODWG.DLL anterior a v10.0.6880.4 en Microsoft Office Visio permite a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un archivo DXF manipulado, una vulnerabilidad diferente de CVE-2010-0254 y CVE-2010-0256. • https://www.exploit-db.com/exploits/17451 https://www.exploit-db.com/exploits/14944 http://www.coresecurity.com/content/ms-visio-dxf-buffer-overflow http://www.exploit-db.com/exploits/14944 http://www.securityfocus.com/archive/1/511121/100/0/threaded http://www.securityfocus.com/bid/39836 http://www.securitytracker.com/id?1023938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 42%CPEs: 4EXPL: 0CVE-2010-0256
https://notcve.org/view.php?id=CVE-2010-0256
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability." Microsoft Office Visio 2002 SP2, 2003 SP3, y 2007 SP1 y SP2 no calcula adecuadamente índices no especificado asociados con ficheros Visio, lo que permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado, conocido como "Visio Index Calculation Memory Corruption Vulnerability." • http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6732 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.6EPSS: 39%CPEs: 4EXPL: 0CVE-2010-0254
https://notcve.org/view.php?id=CVE-2010-0254
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability." Microsoft Office Visio 2002 SP2, 2003 SP3, y 2007 SP1 y SP2 bi vakuda adecuadamente los atributos en los ficheros Visio, lo que permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado, conocido como "Visio Attribute Validation Memory Corruption Vulnerability." • http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6819 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 37%CPEs: 61EXPL: 0CVE-2009-2504
https://notcve.org/view.php?id=CVE-2009-2504
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability." Múltiples desbordamientos de enteros en las API no especificadas en GDI+ en .NET Framework versión 1.1 SP1, .NET Framework versión 2.0 SP1 y SP2, Windows XP SP2 y SP3, Windows Server 2003 SP2, Vista versión Gold y SP1, Server 2008 versión Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 y SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 versión Gold y SP3, Office Excel Viewer 2003 Gold y SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 versión Gold, SP1 y SP2, Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats SP1 y SP2, Expression Web, Expression Web 2, Groove 2007 versión Gold y SP1, Works versión 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 y SP3, Report Viewer 2005 SP1, Report Viewer 2008 versión Gold y SP1 y Forefront Client Security versión 1.0, de Microsoft, permiten a los atacantes remotos ejecutar código arbitrario por medio de (1) una aplicación de navegador XAML diseñada (XBAP), (2) una aplicación de ASP.NET diseñada o (3) una aplicación de .NET Framework diseñada, también se conoce como "GDI+ .NET API Vulnerability". • http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6282 • CWE-189: Numeric Errors •