Lucene search

SAINT CorporationSAINT:67A1127D5E9729A064ADBC5242F9ACD6

HistoryMay 07, 2010 - 12:00 a.m.

Microsoft Visio DXF file insertion buffer overflow

2010-05-0700:00:00

SAINT Corporation

my.saintcorporation.com

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.744 High

EPSS

Percentile

98.0%

JSON

Added: 05/07/2010
CVE: CVE-2010-1681
BID: 39836

Background

Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams.

Problem

A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio document.

Resolution

Apply the patch found in Microsoft Security Bulletin 10-028.

References

<http://www.securityfocus.com/archive/1/511121>

Limitations

Exploit works on Microsoft Visio 2002 SP2 and requires a user to drag and drop the exploit file into Visio.

Platforms

Windows

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.744 High

EPSS

Percentile

98.0%

JSON

Related for SAINT:67A1127D5E9729A064ADBC5242F9ACD6