Oval Definition:oval:org.mitre.oval:def:16300
Revision Date:2013-09-02Version:11
Title:Visio Viewer Tree Object Type Confusion Vulnerability - MS13-023
Description:Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-0079
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Office 2010 Filter Pack
Microsoft Visio 2010
Microsoft Visio Viewer 2010
Definition Synopsis
  • visio/version
  • Microsoft Visio 2010 SP1 is installed
  • AND Check if Vislib.dll file version is less than 14.0.6122.5000
  • OR visio viewer/version
  • Check if the version of Vviewer.dll is less than 14.0.6131.5002
  • AND Microsoft Visio Viewer 2010 SP1 is installed
  • OR office filter pack/version
  • Office 2010 Filter Pack or Office 2010
  • Microsoft Office 2010 Filter Pack is installed
  • OR Microsoft Office 2010 is installed
  • AND Check if the version of Visfilt.dll is less than 14.0.6132.5000
  • BACK