Lucene search
K

1000 matches found

Check Point Advisories
Check Point Advisories
added 2010/07/26 12:0 a.m.59 views

Microsoft Office Visio DXF File Inserting Buffer Overflow - Improved Performance (CVE-2010-1681)

A buffer overflow vulnerability exists in Microsoft Office Visio. The vulnerability is due to a boundary error when parsing DXF files inserted into Visio documents. This vulnerability may be exploited by remote attackers by enticing a user to open a maliciously crafted Visio file with a vulnerabl...

7.6CVSS6.6AI score0.67309EPSS
Exploits11
Saint
Saint
added 2010/05/07 12:0 a.m.30 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
Saint
Saint
added 2010/05/07 12:0 a.m.33 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
Saint
Saint
added 2010/05/07 12:0 a.m.29 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
Saint
Saint
added 2010/05/07 12:0 a.m.39 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
NVD
NVD
added 2010/05/06 12:47 p.m.35 views

CVE-2010-1681

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256...

7.6CVSS7.5AI score0.67309EPSS
Exploits11References5
Prion
Prion
added 2010/05/06 12:47 p.m.15 views

Buffer overflow

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256...

7.6CVSS8.2AI score0.67309EPSS
Exploits11References5Affected Software1
seebug.org
seebug.org
added 2010/05/06 12:0 a.m.27 views

Microsoft Visio VISIODWG.DLL库缓冲区溢出漏洞(MS10-028)

BUGTRAQ ID: 39836 CVE ID: CVE-2010-1681 Visio是微软Office套件中的图形编辑工具。 Visio中所使用的VISIODWG.DLL库中存在缓冲区溢出漏洞,起因是在该库的74ef偏移处执行了不安全的strcpy调用。在将DXF文件注入到Visio文档中时(通过拖放操作或从菜单栏中选择“注入 - CAD绘图”)会加载有漏洞的函数库。成功利用这个漏洞的攻击者可以以运行Visio用户的权限执行任意代码。 微软在MS10-028公告所提供的补丁中通过使用81e7偏移处的strncpy调用替换有漏洞的调用来修复这个漏洞,但公告中并没有提及这个漏洞。...

7.6CVSS1.3AI score0.67309EPSS
Exploits11
Cvelist
Cvelist
added 2010/05/05 6:0 p.m.46 views

CVE-2010-1681

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256...

7.4AI score0.67309EPSS
Exploits11References5
CVE
CVE
added 2010/05/05 6:0 p.m.72 views

CVE-2010-1681

CVE-2010-1681 is a buffer overflow in VISIODWG.DLL of Microsoft Office Visio triggered by parsing inserted DXF files. Affects Visio versions using VISIODWG.DLL prior to 10.0.6880.4 (patched in KB979364 / MS10-028); original vulnerable library version cited as 10.0.5006.4. Core Security CoreLabs d...

7.6CVSS7.5AI score0.67309EPSS
Exploits11References5Affected Software1
Core Security
Core Security
added 2010/05/04 12:0 a.m.26 views

Microsoft Office Visio DXF File Insertion Buffer Overflow

Advisory ID Internal CORE-2010-0428 1. Advisory Information Title: Microsoft Office Visio DXF File Insertion Buffer Overflow Advisory Id: CORE-2010-0428 Advisory URL:https://www.coresecurity.com/core-labs/advisories/ms-visio-dxf-buffer-overflow Date published: 2010-05-04 Date of last update:...

7.6CVSS7.8AI score0.67309EPSS
Exploits11
exploitpack
exploitpack
added 2010/04/09 12:0 a.m.14 views

Microsoft-Visio

Drawing Exchange Format DXF is a kind of data file format for CAD which is designed by Autodesk for cooperation between Autocad and other software. Varius software supports dxf file and Microsoft Visio is one of them. Dxf file contain some section which every section contain some records. import...

1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/12/20 12:0 a.m.16 views

Microsoft Visio DXF File Handling Code Execution (MS08-019; CVE-2008-1090)

Microsoft Visio is a diagramming application that is part of the Microsoft Office suite. There exists a memory corruption vulnerability in the way Microsoft Visio handles specially-crafted DXF files. Remote attackers can exploit this vulnerability by enticing target users to open a specially...

9.3CVSS7.2AI score0.32106EPSS
Exploits1
NVD
NVD
added 2008/04/08 11:5 p.m.17 views

CVE-2008-1090

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."...

9.3CVSS7.4AI score0.32106EPSS
Exploits1References9
Prion
Prion
added 2008/04/08 11:5 p.m.26 views

Input validation

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."...

9.3CVSS7.9AI score0.32106EPSS
Exploits1References9Affected Software2
Cvelist
Cvelist
added 2008/04/08 11:0 p.m.25 views

CVE-2008-1090

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."...

7.4AI score0.32106EPSS
Exploits1References9
CVE
CVE
added 2008/04/08 11:0 p.m.95 views

CVE-2008-1090

CVE-2008-1090 is a Visio memory validation vulnerability in Microsoft Visio 2002 SP2, 2003 SP2/SP3, and 2007 up to SP1. A remote attacker could exploit memory allocation handling when loading specially crafted .DXF files from disk, leading to remote code execution if a user opens the file. The vu...

9.3CVSS7.3AI score0.32106EPSS
Exploits1References9Affected Software2
NVD
NVD
added 2005/01/10 5:0 a.m.15 views

CVE-2004-1271

Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file...

10CVSS7.8AI score0.05954EPSS
Exploits1References2
Cvelist
Cvelist
added 2004/12/22 5:0 a.m.17 views

CVE-2004-1271

Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file...

7.8AI score0.05954EPSS
Exploits1References2
CVE
CVE
added 2004/12/22 5:0 a.m.38 views

CVE-2004-1271

The CVE-2004-1271 issue affects dxfscope 0.2 and is caused by a buffer overflow in the dxfin function in d.c. A crafted DXF file can lead to remote code execution. The connected documents do not provide remediation steps or explicit exploitation status; no MITRE/ATT&CK details are stated. Exploit...

10CVSS8.2AI score0.05954EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder