Lucene search

[email protected]CVE-2011-0093

HistoryFeb 10, 2011 - 4:00 p.m.

CVE-2011-0093

2011-02-1016:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2011-0093

elements.dll

microsoft visio

remote code execution

nvd

security vulnerability

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.517 Medium

EPSS

Percentile

97.5%

JSON

ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka “Visio Data Type Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:visiomicrosoft visioeq2007
microsoft:visiomicrosoft visioeq2002
microsoft:visiomicrosoft visioeq2003

CPE	Name	Operator	Version
microsoft:visio	microsoft visio	eq	2007
microsoft:visio	microsoft visio	eq	2002
microsoft:visio	microsoft visio	eq	2003

References

osvdb.org/70829

secunia.com/advisories/43254

www.securityfocus.com/bid/46138

www.securitytracker.com/id?1025043

www.vupen.com/english/advisories/2011/0321

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-008

exchange.xforce.ibmcloud.com/vulnerabilities/64924

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12469

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.517 Medium

EPSS

Percentile

97.5%

JSON

Related for CVE-2011-0093

symantec1 prion1 checkpoint_advisories1 nessus1 openvas2 securityvulns1