
fortinet-visio.txt

Posted on 14 April 2010
Source: packetstormsecurity.org

 

Fortinet Discovers Multiple Microsoft Visio Vulnerabilities (MS10-028)

2010.April.13



Summary:



Fortinet's FortiGuard Labs has discovered two memory corruption
vulnerabilities in Microsoft Office Visio, which allow a remote attacker to
compromise a system through a malicious document.



Impact:



Remote Code Execution.



Risk:



High.



Affected Software:



For a list of affected software, please refer to the Microsoft Security
Bulletin reference below.



Additional Information:



Two memory corruption vulnerabilities were discovered in Microsoft Office
Visio, each of which is highlighted below:



* Memory corruption in "vislib.dll" (CVE-2010-0254)

* Memory corruption in "vislib.dll" (CVE-2010-0256)



The vulnerabilities are triggered when opening and rendering a Visio file. A
remote attacker could craft a malicious document which exploits either one
of these vulnerabilities, allowing them to compromise a system.



Solutions:



* Users should apply the solution provided by Microsoft.



FortiGuard Labs released the following signatures to protect against these
vulnerabilities:



* "MS.Visio.Attribute.Memory.Corruption", previously released as
"FG-VD-09-006-Microsoft" (CVE-2010-0254).

* "MS.Visio.objectID.Memory.Corruption", previously released as
"FG-VD-09-005-Microsoft" (CVE-2010-0256).



References:



* Microsoft Security Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms10-028.mspx

* CVE ID: CVE-2010-0254

* CVE ID: CVE-2010-0256





Acknowledgment:



* Bing Liu of Fortinet's FortiGuard Labs.





 
