Intrusion Prevention

MS.Visio.Version.Number.Remote.Code.Execution

Description

This indicates a possible exploit of a vulnerability in Microsoft Visio.
The vulnerability is a result of a memory corruption error that may occur when handling a specially crafted version number in a Visio (.VSD, VSS, or .VST) file.

Affected Products

Microsoft Visio 2002 Service Pack 2
Microsoft Visio 2003 Service Pack 2

Impact

The execution of arbitrary code on the system.

Recommended Actions

Apply patch for Microsoft Visio 2002 Service Pack 2 :
http://www.microsoft.com/downloads/details/aspx?FamilyId=FC1D0483-27E8-4541-B81D-4A47973BEA30
Apply patch for Microsoft Visio 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C47F432E-8538-42FD-92C9-7E0F1D643E8E

CVE References

CVE-2007-0934