Lucene search

[email protected]CVE-2010-0256

HistoryApr 14, 2010 - 4:00 p.m.

CVE-2010-0256

2010-04-1416:00:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft office

visio

cve-2010-0256

remote code execution

memory corruption

nvd

7.5 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.423 Medium

EPSS

Percentile

97.3%

JSON

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka “Visio Index Calculation Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:visiomicrosoft visioeq2007
microsoft:visiomicrosoft visioeq2002
microsoft:visiomicrosoft visioeq2003

CPE	Name	Operator	Version
microsoft:visio	microsoft visio	eq	2007
microsoft:visio	microsoft visio	eq	2002
microsoft:visio	microsoft visio	eq	2003

References

www.us-cert.gov/cas/techalerts/TA10-103A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-028

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6732

7.5 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.423 Medium

EPSS

Percentile

97.3%

JSON

Related for CVE-2010-0256

prion2 openvas2 checkpoint_advisories1 securityvulns2 nessus1 cve1