Microsoft Office Visio 2003 mfc71enu.dll Insecure Library Loading (MS11-055; CVE-2010-3148)
| Check Point Reference: | CPAI-2011-334 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS11-055 | |
| Industry Reference(s): | CVE-2010-3148 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Office Visio 2003 | ||
| Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Office Visio 2003. Remote attackers could trigger this flaw by enticing a user to open a specially crafted Visio-related file. Successful exploitation may enable an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. |
||
|
Update/Patch Available Apply patch from: Microsoft Security Bulletin MS11-055 |
|
|
Vulnerability Details This is a remote code execution vulnerability. The vulnerability is due to insecure library loading issue in Microsoft Office Visio. Successful exploitation of this vulnerability may result in complete control of an attacker over an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.