Visio File Version Number and Packed Object Validation Bugs Let Remote Users Execute Arbitrary Code
|
SecurityTracker Alert ID: 1018227 |
SecurityTracker URL: http://securitytracker.com/id/1018227
|
CVE Reference:
CVE-2007-0934, CVE-2007-0936
|
Date: Jun 12 2007
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2002, 2003
|
Description:
Some vulnerabilities were reported in Visio. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a Visio file (.VSD, .VSS, or .VST) with a specially crafted version number that, when loaded by the target user, will execute arbitrary code on the target system [CVE-2007-0934]. The code will run with the privileges of the target user.
A Visio file with a specially crafted packed object can also cause arbitrary code execution [CVE-2007-0936].
Microsoft Office 2003 includes the affected component.
Microsoft credits Chris Ries of Vigilant Minds for reporting the document packaging vulnerability.
|
Impact:
A remote user can create a Visio file that, when loaded by the target user, will execute arbitrary code on the target user's system.
|
Solution:
The vendor has issued the following fixes.
Microsoft Visio 2002 Service Pack 2:
http://www.microsoft.com/downloads/details/aspx?FamilyId=FC1D0483-27E8-4541-B81D-4A47973BEA30
Microsoft Visio 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C47F432E-8538-42FD-92C9-7E0F1D643E8E
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms07-030.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-030.mspx
|
Cause:
Boundary error
|
Underlying OS: Windows (Any)