(MS12-059) Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918)

  Severity: HIGH
  CVE Identifier: CVE-2012-1888
  Advisory Date: AUG 15, 2012

  DESCRIPTION

Microsoft issues a patch for a remote code execution vulnerability that exists in the way certain versions of MS Visio parses specially crafted files. Attackers looking to exploit this vulnerability must lure users to open a specially crafted file.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Visio 2010 Service Pack 1 (32-bit editions)
  • Microsoft Visio 2010 Service Pack 1 (64-bit editions)
  • Microsoft Visio Viewer 2010 Service Pack 1 (32-bit Edition)
  • Microsoft Visio Viewer 2010 Service Pack 1 (64-bit Edition)