CVSS: 9.3EPSS: 85%CPEs: 6EXPL: 3CVE-2016-3235 – Microsoft Office OLE DLL Side Loading Vulnerability
https://notcve.org/view.php?id=CVE-2016-3235
15 Jun 2016 — Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3 y Visio Viewer 2010 no maneja adecuadamente la carga de librerías, lo que permite a usuarios locales obtener privilegios a través de una aplicación ... • https://packetstorm.news/files/id/139671 •
CVSS: 9.3EPSS: 59%CPEs: 6EXPL: 0CVE-2013-0079
https://notcve.org/view.php?id=CVE-2013-0079
13 Mar 2013 — Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability." Microsoft Visio Viewer 2010 SP1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo Visio especialmente manipulado, lo que provoca una reserva de memoria incorrecta. Aka Microsoft Visio Viewer 2010 • http://www.kb.cert.org/vuls/id/851777 •
CVSS: 9.3EPSS: 59%CPEs: 4EXPL: 0CVE-2012-1888 – Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1888
15 Aug 2012 — Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft Visio 2010 Service Pack 1 y Visio Viewer 2010 Service Pack 1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo de Visio especialmente diseñado, también conocido como "desbordamiento de búfer Visio DXF File Format". This vulnerability allows r... • http://www.us-cert.gov/cas/techalerts/TA12-227A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 53%CPEs: 2EXPL: 0CVE-2012-0018
https://notcve.org/view.php?id=CVE-2012-0018
09 May 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory Corruption Vulnerability." Microsoft Visio Viewer 2010 Gold y SP1 no valida correctamente atributos en ficheros Visio, permitiendo así a atacantes remotos ejecutar código arbitrario mediante un fichero manipulado, también conocido como "Vulnerabilidad de corrupción de memoria en el formato de fichero VSD" • http://osvdb.org/81731 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0019
https://notcve.org/view.php?id=CVE-2012-0019
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0020, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0020
https://notcve.org/view.php?id=CVE-2012-0020
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0136
https://notcve.org/view.php?id=CVE-2012-0136
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0137
https://notcve.org/view.php?id=CVE-2012-0137
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 2EXPL: 0CVE-2012-0138
https://notcve.org/view.php?id=CVE-2012-0138
14 Feb 2012 — Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de s... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 66%CPEs: 61EXPL: 0CVE-2009-3126
https://notcve.org/view.php?id=CVE-2009-3126
14 Oct 2009 — Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, ... • http://www.us-cert.gov/cas/techalerts/TA09-286A.html • CWE-189: Numeric Errors •