Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2011-1972
HistoryAug 10, 2011 - 9:55 p.m.

CVE-2011-1972

2011-08-1021:55:01
CWE-20
microsoft
web.nvd.nist.gov
36
cve-2011-1972
microsoft visio
rce
vulnerability
memory validation
file parsing
remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.584

Percentile

97.8%

JSON

Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka β€œpStream Release RCE Vulnerability.”

Affected configurations

Nvd
Node
microsoftvisioMatch2003sp3
OR
microsoftvisioMatch2007sp2
OR
microsoftvisioMatch2010x32
OR
microsoftvisioMatch2010x64
OR
microsoftvisioMatch2010sp1x32
OR
microsoftvisioMatch2010sp1x64
VendorProductVersionCPE
microsoftvisio2003cpe:2.3:a:microsoft:visio:2003:sp3:*:*:*:*:*:*
microsoftvisio2007cpe:2.3:a:microsoft:visio:2007:sp2:*:*:*:*:*:*
microsoftvisio2010cpe:2.3:a:microsoft:visio:2010:*:x32:*:*:*:*:*
microsoftvisio2010cpe:2.3:a:microsoft:visio:2010:*:x64:*:*:*:*:*
microsoftvisio2010cpe:2.3:a:microsoft:visio:2010:sp1:x32:*:*:*:*:*
microsoftvisio2010cpe:2.3:a:microsoft:visio:2010:sp1:x64:*:*:*:*:*

Related

prion 1
cvelist 1
symantec 1
seebug 1
nvd 1
checkpoint_advisories 1
openvas 2
securityvulns 2
nessus 1
prion
prion
Design/Logic Flaw
2011-08-10 21:55:00
cvelist
cvelist
CVE-2011-1972
2011-08-10 21:16:00
symantec
symantec
Microsoft Visio CVE-2011-1972 Remote Code Execution Vulnerability
2011-08-09 00:00:00
seebug
seebug
Microsoft Visio CVE-2011-1972θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-08-10 00:00:00
nvd
nvd
CVE-2011-1972
2011-08-10 21:55:01
checkpoint_advisories
checkpoint_advisories
Microsoft Office Visio UML Parsing Use After Free (MS11-060; CVE-2011-1972)
2011-08-09 00:00:00
openvas
openvas
Microsoft Visio Remote Code Execution Vulnerabilities (2560978)
2011-08-11 00:00:00
Microsoft Visio Remote Code Execution Vulnerabilities (2560978)
2011-08-11 00:00:00
securityvulns
securityvulns
CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption
2011-10-16 00:00:00
Microsoft Office Visio security vulnerabilities
2011-08-10 00:00:00
nessus
nessus
MS11-060: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978)
2011-08-09 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.584

Percentile

97.8%

JSON
Related for CVE-2011-1972
prion1cvelist1symantec1seebug1nvd1checkpoint_advisories1openvas2securityvulns2nessus1