NVD

Id
7226  
Name
CVE-2011-0092  
Description
The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-02-10  
Modified Date
2011-07-18  
Seq
2011-0092  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
40674 7226 CVE-2011-0092 oval:org.mitre.oval:def:12403  View
40675 7226 CVE-2011-0092 MS11-008  View
40676 7226 CVE-2011-0092 20110208 ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability  View
40677 7226 CVE-2011-0092 46137  View
40678 7226 CVE-2011-0092 1025043  View
40679 7226 CVE-2011-0092 ADV-2011-0321  View
40680 7226 CVE-2011-0092 http://www.zerodayinitiative.com/advisories/ZDI-11-063/  View
40681 7226 CVE-2011-0092 ms-visio-object-code-execution(64923)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30923 JVNDB-2011-001162 Microsoft Visio の LZW ストリーム圧縮機能における任意のコードを実行される脆弱性 Microsoft Visio の ORMELEMS.DLL 内にある LZW ストリーム圧縮機能には、任意のコードを実行される脆弱性が存在します。 CVE-2011-0092 47999 CVE-2011-0092 7226 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001162.html 2011-02-08 2011-03-04 View