(MS12-059) Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918)
Publish date: August 15, 2012
Severity: HIGH
CVE Identifier: CVE-2012-1888
Advisory Date: AUG 15, 2012
DESCRIPTION
Microsoft issues a patch for a remote code execution vulnerability that exists in the way certain versions of MS Visio parses specially crafted files. Attackers looking to exploit this vulnerability must lure users to open a specially crafted file.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Visio 2010 Service Pack 1 (32-bit editions)
- Microsoft Visio 2010 Service Pack 1 (64-bit editions)
- Microsoft Visio Viewer 2010 Service Pack 1 (32-bit Edition)
- Microsoft Visio Viewer 2010 Service Pack 1 (64-bit Edition)
Featured Stories
One Flaw too Many: Vulnerabilities in SCADA SystemsWhat is the current state of SCADA vulnerabilities? Staying informed is essential in the fight against exploits and cyberattacks with real-world consequences.Read more
Drilling Deep: A Look at Cyberattacks on the Oil and Gas IndustryWe break down the digital attacks against the oil and gas industry and its supply chain.Read more
Halloween Exploits Scare: BlueKeep, Chrome’s Zero-Days in the WildPatch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.Read more
PHP-FPM Vulnerability (CVE-2019-11043) can Lead to Remote Code Execution in NGINX Web ServersAdministrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.Read more