Microsoft Visio Viewer vulnerabilities

CVE-2016-3235 [HIGH] CVE-2016-3235: Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Vis Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."

CVE-2013-0079 [CRITICAL] CVE-2013-0079: Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visi Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."

CVE-2012-1888 [CRITICAL] CWE-119 CVE-2012-1888: Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to exe Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability."

CVE-2012-0018 [CRITICAL] CWE-20 CVE-2012-0018: Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory Corruption Vulnerability."

CVE-2012-0137 [CRITICAL] CVE-2012-0137: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138.

CVE-2012-0136 [CRITICAL] CVE-2012-0136: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138.

CVE-2012-0019 [CRITICAL] CWE-94 CVE-2012-0019: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0020, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.

CVE-2012-0020 [CRITICAL] CVE-2012-0020: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.

CVE-2012-0138 [CRITICAL] CVE-2012-0138: Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.