Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2011-0092,CVE-2011-0093
  Date du conseil: 10 février 2011

  Description

This security update addresses two vulnerabilities in Microsoft Visio, could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploits the system could gain the same user rights as the logged-on user. More specifically, this update addresses the vulnerabilities by correcting the way that Microsoft Visio handles corrupted structures and objects in memory when parsing specially crafted Visio files.

  Information Exposure Rating:

For information on patches specific to the affected software, please proceed to the Microsoft Web page.

  Affected software and version:

  • Microsoft Visio 2002 Service Pack 2
  • Microsoft Visio 2003 Service Pack 3
  • Microsoft Visio 2007 Service Pack 2