===================================================================== CERT-Renater Note d'Information No. 2011/VULN097 _____________________________________________________________________ DATE : 09/02/2011 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Microsoft Visio version 2002, 2003, 2007. ====================================================================== KB2451879 http://www.microsoft.com/technet/security/Bulletin/MS11-008.mspx ______________________________________________________________________ Microsoft Security Bulletin MS11-008 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879) Published: February 08, 2011 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Visio. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update is rated Important for Microsoft Visio 2002 Service Pack 2, Microsoft Visio 2003 Service Pack 3, and Microsoft Visio 2007 Service Pack 2. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the vulnerabilities by correcting the way that Microsoft Visio handles corrupted structures and objects in memory when parsing specially crafted Visio files. Affected Software Microsoft Visio 2002 Service Pack 2 Microsoft Visio 2003 Service Pack 3 Microsoft Visio 2007 Service Pack 2 Vulnerability Information Visio Object Memory Corruption Vulnerability - CVE-2011-0092 A remote code execution vulnerability exists in the way that Microsoft Visio validates objects in memory when parsing specially crafted Visio files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. Visio Data Type Memory Corruption Vulnerability - CVE-2011-0093 A remote code execution vulnerability exists in the way that Microsoft Visio parses certain structures when handling specially crafted Visio files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================