Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Visio
дополнено с 16 апреля 2010 г.
Опубликовано:4 мая 2010 г.
Источник:
SecurityVulns ID:10765
Тип:клиент
Уровень опасности:
5/10
Описание:Различные повреждения памяти.
Затронутые продукты:MICROSOFT : Visio 2002
 MICROSOFT : Visio 2003
 MICROSOFT : Visio 2007
CVE:CVE-2010-1681 (Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.)
 CVE-2010-0256 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability.")
 CVE-2010-0254 (Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability.")
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2010-0428] Microsoft Office Visio DXF File Insertion Buffer Overflow (04.05.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-028 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) (16.04.2010)
Файлы:Microsoft Security Bulletin MS10-028 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород