CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0019
https://notcve.org/view.php?id=CVE-2012-0019
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0020, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0020
https://notcve.org/view.php?id=CVE-2012-0020
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0136
https://notcve.org/view.php?id=CVE-2012-0136
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0137
https://notcve.org/view.php?id=CVE-2012-0137
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0138
https://notcve.org/view.php?id=CVE-2012-0138
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 61%CPEs: 6EXPL: 0CVE-2011-1972
https://notcve.org/view.php?id=CVE-2011-1972
10 Aug 2011 — Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability." Microsoft Visio 2003 SP3, 2007 SP2 y 2010 Gold y SP1 no valida adecuadamente los objetos en memoria durante el análisis sintáctico del fichero Visio, esto permite a atacantes remotos ejecutar código de su elección mediante un fichero manipulado. También se conoce c... • http://www.us-cert.gov/cas/techalerts/TA11-221A.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 61%CPEs: 2EXPL: 0CVE-2011-1979
https://notcve.org/view.php?id=CVE-2011-1979
10 Aug 2011 — Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability." Microsoft Visio 2003 SP3 y 2007 SP2 no valida apropiadamente objetos en memoria durante el "parseo" de archivos Visio, lo que permite a atacantes remotos ejecutar código arbitrario a través de un archivo modificado. También conocida como "Move Around the Block RCE Vulnerability"... • http://www.us-cert.gov/cas/techalerts/TA11-221A.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 45%CPEs: 3EXPL: 0CVE-2011-0093
https://notcve.org/view.php?id=CVE-2011-0093
10 Feb 2011 — ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Type Memory Corruption Vulnerability." ELEMENTS.DLL en Microsoft Visio 2002 SP2, 2003 SP3, y 2007 SP2 no parsea adecuadamente estructuras durante la apertura de un archivo Visio lo que permite que atacantes remotos ejectuten código de su elección a través de ... • http://osvdb.org/70829 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 45%CPEs: 3EXPL: 0CVE-2011-0092 – Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability
https://notcve.org/view.php?id=CVE-2011-0092
08 Feb 2011 — The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability." La funcionalidad de descompresión de transmisión LZW en la biblioteca ORMELEMS.DLL en Visio 2002 SP2, 2003 SP3 y 2... • http://osvdb.org/70828 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 45%CPEs: 1EXPL: 2CVE-2010-3148 – Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3148
27 Aug 2010 — Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability." Vulnerabilidad de ruta de búsqueda no confiable en Microsoft Visio 2003 permite a usuarios locales, y puede que atacantes remotos, ejecutar código de su elección y producir un ataque de secuestro de... • https://www.exploit-db.com/exploits/14744 •