Microsoft Visio Insecure Library Loading Vulnerability (CVE-2010-3148)
Severity: : Critical
CVE Kennungen: : CVE-2010-3148,MS11-055
Advisory Date: 21 de июля de 2015
DESCRIPTION
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability."
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004730
Trend Micro Deep Security DPI Rule Name: 1004730 - Microsoft Visio Insecure Library Loading Vulnerability Over Network Share (CVE-2010-3148)
AFFECTED SOFTWARE AND VERSION:
- microsoft visio 2003