Vulnerabilities In Microsoft Office Visio Could Allow Remote Code Execution (957634) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS09-005.

Impact

Successful exploitation could lead to memory corruption by sending a specially crafted Visio file. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms09-005.mspx

Insight

- Error exists when parsing object data during opening of Visio files. - Pop-Up error while copying object data in memory. - Error while handling of memory when opening Visio files.

Affected

Microsoft Office Visio 2002/2003/2007 on Windows

References

http://support.microsoft.com/kb/957634
http://technet.microsoft.com/en-us/security/bulletin/MS09-005

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0095, CVE-2009-0096, CVE-2009-0097

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft DirectAccess Security Advisory (2862152)
Message Queuing Remote Code Execution Vulnerability (951071) - Remote
Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
Microsoft .NET Framework Authentication Bypass and Spoofing Vulnerabilities (2836440)
Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)

Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)

Take action and discover your vulnerabilities