Microsoft Visio Insecure Library Loading Vulnerability (CVE-2010-3148)
Gravité: : Critique
Identifiant(s) CVE: : CVE-2010-3148,MS11-055
Date du conseil: 21 juillet 2015
Description
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004730
Trend Micro Deep Security DPI Rule Name: 1004730 - Microsoft Visio Insecure Library Loading Vulnerability Over Network Share (CVE-2010-3148)
Affected software and version:
- microsoft visio 2003