9 matches found
CVE-2016-3235
CVE-2016-3235 corresponds to a Microsoft Office OLE DLL side-loading vulnerability. Affected products include Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016 and Visio Viewer (2007/2010 variants). The root cause is improper library loading validation, allowing a crafted file or applica...
CVE-2012-0018
CVE-2012-0018 affects Microsoft Visio Viewer 2010 Gold and SP1. The issue is memory corruption caused by improper validation of attributes in Visio files, leading to remote code execution when processing crafted Visio documents (aka VSD File Format Memory Corruption). Severity in NVD is high (CVS...
CVE-2012-0137
CVE-2012-0137 concerns Microsoft Visio Viewer 2010 Gold and SP1 where memory is not properly managed while parsing VSD files, allowing remote code execution via crafted attributes. Connected sources corroborate a family of related Visio vulnerabilities (MS12-015) and indicate a memory corruption ...
CVE-2012-1888
CVE-2012-1888 concerns a buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 during DXF parsing. The root cause is a memory corruption flaw in the DWGDP.DLL while processing MTEXT strings in DXF files, potentially copying data beyond the stack. This allows remote code execution ...
CVE-2012-0138
CVE-2012-0138 affects Microsoft Visio Viewer 2010 Gold and SP1. The vulnerability arises from improper memory handling while parsing Visio files, allowing remote code execution via crafted attributes in a VSD file. Microsoft issued MS12-015 to address these Visio parsing memory corruption flaws (...
CVE-2013-0079
CVE-2013-0079 affects Microsoft Visio Viewer 2010 SP1. The vulnerability is described as a memory allocation error in the Visio Tree Object Confusion vulnerability that allows remote code execution when processing a crafted Visio file. Connected sources corroborate, noting this is addressed by Mi...
CVE-2012-0136
CVE-2012-0136 concerns Microsoft Visio Viewer (2010 Gold and SP1). The flaw arises during parsing of Visio files where crafted attributes trigger a memory corruption, enabling remote code execution. Multiple sources concur it affects the Visio Viewer/Visio File Format handling and ties to MS12-01...
CVE-2012-0020
Microsoft Visio Viewer 2010 Gold/SP1 and related Visio components are affected by a memory-corruption vulnerability when parsing VSD files, enabling remote code execution via crafted attributes. The issue covers multiple CVEs (CVE-2012-0019, -0020, -0136, -0137, -0138) and is addressed by Microso...
CVE-2012-0019
Microsoft Visio Viewer 2010 Gold and SP1 contains a memory corruption vulnerability in the handling of VSD file parsing, enabling remote code execution. The issue affects Visio Viewer components and is linked to the MS12-015 bulletin; Microsoft released a patch addressing these vulnerabilities. C...