CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.3%
Added: 05/07/2010
CVE: CVE-2010-1681
BID: 39836
Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams.
A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio document.
Apply the patch found in Microsoft Security Bulletin 10-028.
<http://www.securityfocus.com/archive/1/511121>
Exploit works on Microsoft Visio 2002 SP2 and requires a user to drag and drop the exploit file into Visio.
Windows