CVE-2016-3235 – Microsoft Office OLE DLL Side Loading Vulnerability
https://notcve.org/view.php?id=CVE-2016-3235
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3 y Visio Viewer 2010 no maneja adecuadamente la carga de librerías, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution. • https://www.exploit-db.com/exploits/41706 http://packetstormsecurity.com/files/137490/Microsoft-Visio-DLL-Hijacking.html http://seclists.org/fulldisclosure/2016/Jun/32 http://www.securityfocus.com/archive/1/538685/100/0/threaded http://www.securitytracker.com/id/1036093 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-070 https://www.securify.nl/advisory/SFY20150804/microsoft_visio_multiple_dll_side_loading_vulnerabilities.html https://securify.nl/advisory/SFY20150801/com •
CVE-2013-0079
https://notcve.org/view.php?id=CVE-2013-0079
Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability." Microsoft Visio Viewer 2010 SP1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo Visio especialmente manipulado, lo que provoca una reserva de memoria incorrecta. Aka Microsoft Visio Viewer 2010 • http://www.kb.cert.org/vuls/id/851777 http://www.us-cert.gov/ncas/alerts/TA13-071A http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1024 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-023 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16300 •
CVE-2012-1888 – Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1888
Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft Visio 2010 Service Pack 1 y Visio Viewer 2010 Service Pack 1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo de Visio especialmente diseñado, también conocido como "desbordamiento de búfer Visio DXF File Format". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DWGDP.DLL, which is responsible for parsing DXF files. When processing MTEXT strings in the ENTITIES section of the DXF file, certain characters are sought after to end the string copy function. • http://www.us-cert.gov/cas/techalerts/TA12-227A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15811 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-0018
https://notcve.org/view.php?id=CVE-2012-0018
Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory Corruption Vulnerability." Microsoft Visio Viewer 2010 Gold y SP1 no valida correctamente atributos en ficheros Visio, permitiendo así a atacantes remotos ejecutar código arbitrario mediante un fichero manipulado, también conocido como "Vulnerabilidad de corrupción de memoria en el formato de fichero VSD" • http://osvdb.org/81731 http://secunia.com/advisories/49113 http://www.securityfocus.com/bid/53328 http://www.securitytracker.com/id?1027042 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-031 https://exchange.xforce.ibmcloud.com/vulnerabilities/75115 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15606 • CWE-20: Improper Input Validation •
CVE-2012-0136
https://notcve.org/view.php?id=CVE-2012-0136
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138. Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de su elección a través de atributos modificados en un archivo de Visio, también conocido como "VSD File Format Memory Corruption Vulnerability". Una vulnerabilidad diferente de CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, y CVE-2012-0138. • http://www.us-cert.gov/cas/techalerts/TA12-045A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14924 • CWE-94: Improper Control of Generation of Code ('Code Injection') •