(MS12-031) Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2012-0018
Data do informe: 09 maio 2012
Descrição
A vulnerability in the way MS Visio handles specially crafted files could allow an attacker to take control of the vulnerable system. Logged on users that have lesser privileges on the affected system are less impacted by the effects of this vulnerability.
As a workaround, Microsoft recommends to block ActiveX Controls and Active Scripting to help block execution of specially crafted files automatically. More information on this workaround is found in the Microsoft bulletin.
Solução
Software infectado e versão:
- Microsoft Visio Viewer 2010 (32-bit Edition)
- Microsoft Visio Viewer 2010 Service Pack 1 (32-bit Edition)
- Microsoft Visio Viewer 2010 (64-bit Edition)
- Microsoft Visio Viewer 2010 Service Pack 1 (64-bit Edition)