MS08-019: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
High Nessus Plugin ID 31792
SynopsisArbitrary code can be executed on the remote host through Visio.
DescriptionThe remote host contains a version of Microsoft Visio that has a vulnerability in the way it handles object headers and validates memory which could be used by an attacker to execute arbitrary code on the remote host.
To exploit this vulnerability, an attacker would need to spend a specially crafted visio document to a user on the remote host and lure him into opening it.
SolutionMicrosoft has released a set of patches for Microsoft Visio 2002, 2003 and 2007.