Content
(MS09-005) Microsoft Visio Memory Validation Vulnerability (957634)
- Type
- Logic error
- Impact of exploitation
- Remote Code Execution
- User Interaction
- user interaction is needed
- Attack Vector
- Maliciously Crafted File
- Rating
- Medium
- CVE reference
- CVE-2009-0095,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Visio 2002 SP2,
- Visio 2003 SP3,
- Visio 2007 SP1,
- Office Visio Viewer 2007 SP1,
- Summary
- A vulnerability in Microsoft Visio may allow for remote code execution.
Tab Navigation
Description
A vulnerability in Microsoft Visio may allow for remote code execution. The flaw is specific to an object validation issue when processing specific Visio files. Exploitation can occur via a specially-crafted Visio file. A potential attacker host such a file on a web site, or distribute the file as an email attachment. Upon execution, code execution can occur within the context of the logged in user.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-005.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-005) Microsoft Visio Memory Validation Vulnerability (957634)
- Signature identifier:
- 6419
- Release date:
- 2/10/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft Visio Memory Corruption Vulnerability I
- Signature identifier:
- 0x4025A400
- Release date:
- 2/10/2009
- First released in:
- 5.1.12, 4.1.42, 3.1.79
McAfee Host IPS
- Signature:
- GBOP
The Remedy V-Flash of 2/10/2009 will contain remedies for this issue.
Additional Resources
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (957634)
http://www.microsoft.com/technet/security/bulletin/ms09-005.mspx
All Information
Timeline -
2/10/2009
Vendor has provided a patch.
Description -
A vulnerability in Microsoft Visio may allow for remote code execution. The flaw is specific to an object validation issue when processing specific Visio files. Exploitation can occur via a specially-crafted Visio file. A potential attacker host such a file on a web site, or distribute the file as an email attachment. Upon execution, code execution can occur within the context of the logged in user.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-005.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-005) Microsoft Visio Memory Validation Vulnerability (957634)
- Signature identifier:
- 6419
- Release date:
- 2/10/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft Visio Memory Corruption Vulnerability I
- Signature identifier:
- 0x4025A400
- Release date:
- 2/10/2009
- First released in:
- 5.1.12, 4.1.42, 3.1.79
McAfee Host IPS
- Signature:
- GBOP
The Remedy V-Flash of 2/10/2009 will contain remedies for this issue.
Additional Resources
Additional Resources -
Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (957634)
http://www.microsoft.com/technet/security/bulletin/ms09-005.mspx
