CVE-2012-0020
published 2012-02-14CVE-2012-0020: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
20.29%
97.2th percentile
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | visio_viewer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2f7j-3wrq-f3c8: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
ghsa_unreviewed·2022-05-04·CVSS 9.3
CVE-2012-0137 [CRITICAL] CWE-94 GHSA-2f7j-3wrq-f3c8: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138.
GHSA
GHSA-g829-q6h9-qvpp: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
ghsa_unreviewed·2022-05-04·CVSS 9.3
CVE-2012-0019 [CRITICAL] CWE-94 GHSA-g829-q6h9-qvpp: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0020, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.
GHSA
GHSA-rcch-qf9h-vxg3: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
ghsa_unreviewed·2022-05-04·CVSS 9.3
CVE-2012-0136 [CRITICAL] CWE-94 GHSA-rcch-qf9h-vxg3: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138.
GHSA
GHSA-m4w6-q2pr-qg8f: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
ghsa_unreviewed·2022-05-04·CVSS 9.3
CVE-2012-0138 [CRITICAL] CWE-94 GHSA-m4w6-q2pr-qg8f: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.
GHSA
GHSA-8g7q-wq2r-7xqc: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
ghsa_unreviewed·2022-05-04·CVSS 9.3
CVE-2012-0020 [CRITICAL] CWE-94 GHSA-8g7q-wq2r-7xqc: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitra
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.
No detection rules found.
No public exploits indexed.
Zscaler
Zscaler Protects against Microsoft's Patch Cycle | Round 12
blogs_zscaler·CVSS 9.3
[CRITICAL] Zscaler Protects against Microsoft's Patch Cycle | Round 12
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Bugzilla
CVE-2013-6483 CVE-2013-6482 CVE-2013-6481 CVE-2013-6487 CVE-2013-6485 CVE-2013-6484 CVE-2013-6489 CVE-2014-0020 CVE-2013-6477 CVE-2012-6152 CVE-2013-6478 CVE-2013-6479 CVE-2013-6490 pidgin: various fl
bugzilla·2014-01-29·CVSS 5.0
CVE-2013-6483 [MEDIUM] CVE-2013-6483 CVE-2013-6482 CVE-2013-6481 CVE-2013-6487 CVE-2013-6485 CVE-2013-6484 CVE-2013-6489 CVE-2014-0020 CVE-2013-6477 CVE-2012-6152 CVE-2013-6478 CVE-2013-6479 CVE-2013-6490 pidgin: various fl
CVE-2013-6483 CVE-2013-6482 CVE-2013-6481 CVE-2013-6487 CVE-2013-6485 CVE-2013-6484 CVE-2013-6489 CVE-2014-0020 CVE-2013-6477 CVE-2012-6152 CVE-2013-6478 CVE-2013-6479 CVE-2013-6490 pidgin: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bug
http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14965http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14965
2012-02-14
Published