Oval Definition:oval:org.mitre.oval:def:12852
Revision Date:2011-09-26Version:10
Title:pStream Release RCE Vulnerability
Description:Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2011-1972
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Office Visio 2003
Microsoft Office Visio 2007
Microsoft Office Visio 2010
Definition Synopsis
  • Microsoft Office Visio 2003
  • Microsoft Office Visio 2003 is installed
  • AND Check if the version of visio.exe is less than 11.0.8207.0
  • OR Microsoft Visio 2007
  • Microsoft Office Visio 2007 is installed
  • AND Check if the version of visio.exe is less than 12.0.6556.5000
  • OR Microsoft Visio 2010
  • Microsoft Visio 2010 is installed
  • AND Check if the version of visio.exe is less than 14.0.6106.5000
  • BACK