Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-54934
HistoryAug 14, 2012 - 12:00 a.m.

Microsoft Visio Viewer VSD File Format CVE-2012-1888 Remote Code Execution Vulnerability

2012-08-1400:00:00
Symantec Security Response
www.symantec.com
10

0.947 High

EPSS

Percentile

99.3%

JSON

Description

Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Technologies Affected

  • Microsoft Visio 2010 (32-bit editions) SP1
  • Microsoft Visio 2010 (64-bit editions) SP1
  • Microsoft Visio Viewer 2010 (32-bit Edition)
  • Microsoft Visio Viewer 2010 (32-bit Edition) SP1
  • Microsoft Visio Viewer 2010 (64-bit Edition)
  • Microsoft Visio Viewer 2010 (64-bit Edition) SP1

Recommendations

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Implement multiple redundant layers of security.
Since this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.

Vendor updates are available. Please see the references for more information.

Related

nessus 1
openvas 2
mskb 1
prion 1
checkpoint_advisories 2
cvelist 1
cve 1
securityvulns 2
nvd 1
zdi 1
nessus
nessus
MS12-059: Buffer Overflow in Microsoft Visio and Visio Viewer Could Allow Remote Code Execution (2733918)
2012-08-15 00:00:00
openvas
openvas
Microsoft Office Visio/Viewer Remote Code Execution Vulnerability (2733918)
2012-08-15 00:00:00
Microsoft Office Visio/Viewer Remote Code Execution Vulnerability (2733918)
2012-08-15 00:00:00
mskb
mskb
MS12-059: Vulnerability in Microsoft Visio could allow remote code execution: August 14, 2012
2012-08-14 00:00:00
prion
prion
Design/Logic Flaw
2012-08-15 01:55:00
checkpoint_advisories
checkpoint_advisories
Microsoft Visio DXF File Parsing Code Execution (MS12-059; CVE-2012-1888)
2012-08-14 00:00:00
Microsoft Visio DXF File Parsing Code Execution - Ver2 (CVE-2012-1888)
2014-04-16 00:00:00
cvelist
cvelist
CVE-2012-1888
2012-08-15 01:00:00
cve
cve
CVE-2012-1888
2012-08-15 01:55:01
securityvulns
securityvulns
ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
2012-08-20 00:00:00
Microsoft Visio buffer overflow
2012-08-20 00:00:00
nvd
nvd
CVE-2012-1888
2012-08-15 01:55:01
zdi
zdi
Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
2012-08-17 00:00:00

0.947 High

EPSS

Percentile

99.3%

JSON
Related for SMNTC-54934
nessus1openvas2mskb1prion1checkpoint_advisories2cvelist1cve1securityvulns2nvd1zdi1