===================================================================== CERT-Renater Note d'Information No. 2008/VULN118 _____________________________________________________________________ DATE : 09/04/2008 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Microsoft Visio. ====================================================================== http://www.microsoft.com/technet/security/Bulletin/MS08-019.mspx ______________________________________________________________________ MS08-019 Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution This security update resolves privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for Microsoft Office Visio 2002 Service Pack 2, Microsoft Office Visio 2003 Service Pack 2, Microsoft Office Visio 2003 Service Pack 3, Microsoft Office Visio 2007, and Microsoft Office Visio 2007 Service Pack 1. This security update addresses these vulnerabilities by modifying the way that Microsoft Visio performs validations when opening Visio files. Microsoft recommends that customers apply the update at the earliest opportunity. Affected Software o Microsoft Visio 2007 Service Pack 1 o Microsoft Visio 2007 o Microsoft Visio 2003 Service Pack 3 o Microsoft Visio 2003 Service Pack 2 o Microsoft Visio 2002 Service Pack 2 Non-Affected Software o Microsoft Visio 2007 Viewer Service Pack 1 o Microsoft Visio 2007 Viewer o Microsoft Visio 2003 Viewer o Microsoft Visio 2002 Viewer Vulnerability Information Visio Object Header Vulnerability CVE-2008-1089 A remote code execution vulnerability exists in the way Microsoft Visio validates object header data in specially crafted files. An attacker could exploit the vulnerability by sending a malformed file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. Visio Memory Validation Vulnerability - CVE-2008-1090 A remote code execution vulnerability exists in the way Microsoft Visio validates memory allocations when loading specially-crafted .DXF files from disk into memory. An attacker could exploit the vulnerability by sending a malformed file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site. If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================