6 matches found
Xxe
Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability."...
ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability
ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-063 February 8, 2011 -- CVE ID: CVE-2011-0092 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Other -- Vulnerability Details: This vulnerability allo...
Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Visio...
Microsoft Visio 2007 DLL Hijacking Exploit (mfc80esn.dll)
Exploit for windows platform in category local exploits / ========================================================= Microsoft Visio 2007 DLL Hijacking Exploit mfc80esn.dll ========================================================= $ Program: MS Visio $ Version: 2007 $ Download:...
Microsoft Visio Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...
CVE-2008-1089
Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability."...