CVE-2011-0092

by Fred · 10/02/2011

The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability."

Date published : 2011-02-10

http://www.securityfocus.com/bid/46137

http://www.securityfocus.com/archive/1/516274/100/0/threaded

CVE-2011-0092

Similar

Recent Posts

Categories

CVE-2011-0092

Share this:

Similar

Recent Posts

Categories

Tags