CVE-2012-0138
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.
Microsoft Visio Viewer 2020 Gold y SP1 no maneja adecuadamente la memoria durante la validación de archivos, lo que premite a atacantes remotos ejecutar código de su elección a través de atributos modificados en un archivo de Visio, también conocido como "VSD File Format Memory Corruption Vulnerability". Una vulnerabilidad diferente de CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, y CVE-2012-0137.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-12-13 CVE Reserved
- 2012-02-14 CVE Published
- 2024-06-22 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.us-cert.gov/cas/techalerts/TA12-045A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14811 | Signature |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015 | 2018-10-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Visio Viewer Search vendor "Microsoft" for product "Visio Viewer" | 2010 Search vendor "Microsoft" for product "Visio Viewer" and version "2010" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Visio Viewer Search vendor "Microsoft" for product "Visio Viewer" | 2010 Search vendor "Microsoft" for product "Visio Viewer" and version "2010" | sp1 |
Affected
|