Lucene search
Tran Van Khang - khangkito (VinCSS)ZDI-21-1081HistorySep 16, 2021 - 12:00 a.m.
Microsoft Office Visio EMF File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability
2021-09-1600:00:00
Tran Van Khang - khangkito (VinCSS)
www.zerodayinitiative.com
33
0.013 Low
EPSS
Percentile
85.8%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cve
cve
CVE-2021-38654
2021-09-15 12:15:15
nvd
nvd
CVE-2021-38654
2021-09-15 12:15:15
mscve
mscve
Microsoft Office Visio Remote Code Execution Vulnerability
2021-09-14 07:00:00
prion
prion
Remote code execution
2021-09-15 12:15:00
cvelist
cvelist
CVE-2021-38654 Microsoft Office Visio Remote Code Execution Vulnerability
2021-09-15 11:24:13
openvas
openvas
kaspersky
kaspersky
KLA12288 Multiple vulnerabilities in Microsoft Office
2021-09-14 00:00:00
qualysblog
qualysblog
rapid7blog
rapid7blog
Patch Tuesday - September 2021
2021-09-15 03:44:31