Microsoft Visio
18 CVEs affecting Microsoft Visio. Latest disclosed: 2024-02-13. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-20673 | High | 7.8 | 2024-02-13 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2022-44695 | High | 7.8 | 2022-12-13 | Microsoft Office Visio Remote Code Execution Vulnerability |
CVE-2016-3364 | High | 7.8 | 2016-09-14 | Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." |
CVE-2016-0012 | Medium | 4.3 | 2016-01-13 | Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010… |
CVE-2015-2503 | | 2015-11-11 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word… | |
CVE-2015-2557 | | 2015-10-14 | Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Mic… | |
CVE-2015-2423 | | 2015-08-15 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8… | |
CVE-2013-1301 | | 2013-05-15 | Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration i… | |
CVE-2013-0079 | | 2013-03-13 | Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visi… | |
CVE-2012-1888 | | 2012-08-15 | Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DX… | |
CVE-2011-1979 | | 2011-08-10 | Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrar… | |
CVE-2011-1972 | | 2011-08-10 | Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers… | |
CVE-2011-0093 | | 2011-02-10 | ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote att… | |
CVE-2011-0092 | | 2011-02-10 | The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary cod… | |
CVE-2010-3148 | | 2010-08-27 | Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current worki… | |
CVE-2010-1681 | | 2010-05-06 | Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF… | |
CVE-2010-0256 | | 2010-04-14 | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remot… | |
CVE-2010-0254 | | 2010-04-14 | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute… |