Lucene search
China National Vulnerability DatabaseCNVD-2022-20139HistoryMar 10, 2022 - 12:00 a.m.
Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2022-20139)
2022-03-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.007 Low
EPSS
Percentile
80.4%
Microsoft Office is an office software suite of products from Microsoft Corporation (USA). Microsoft Office Visio is vulnerable to remote code execution. The vulnerability is due to a boundary error in the processing of EMR_COMMENT_EMFPLUS records in EMF images. A remote attacker could exploit this vulnerability to create a specially crafted file and trick victims into opening it with affected software, triggering an out-of-bounds write and executing arbitrary code on the target system.
Related
cve
cve
CVE-2022-24461
2022-03-09 17:15:14
nvd
nvd
CVE-2022-24461
2022-03-09 17:15:14
zdi
zdi
cvelist
cvelist
CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability
2022-03-09 17:07:41
prion
prion
Remote code execution
2022-03-09 17:15:00
mscve
mscve
Microsoft Office Visio Remote Code Execution Vulnerability
2022-03-08 08:00:00
nessus
nessus
Security Updates for Microsoft Visio Products C2R (March 2022)
2022-06-10 00:00:00
Security Updates for Microsoft Visio Products (March 2022) (deprecated)
2022-03-15 00:00:00
Security Updates for Microsoft Office Products C2R (March 2022)
2022-06-10 00:00:00
openvas
openvas
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2022)
2022-03-10 00:00:00
kaspersky
kaspersky
KLA12480 Multiple vulnerabilities in Microsoft Office
2022-03-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2022
2022-03-08 21:08:35