admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2010/CVE-2010-02xx/CVE-2010-0256.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

122 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2010-0256",
"sourceIdentifier": "secure@microsoft.com",
"published": "2010-04-14T16:00:01.570",
"lastModified": "2024-11-21T01:11:51.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka \"Visio Index Calculation Memory Corruption Vulnerability.\""
},
{
"lang": "es",
"value": "Microsoft Office Visio 2002 SP2, 2003 SP3, y 2007 SP1 y SP2 no calcula adecuadamente \u00edndices no especificado asociados con ficheros Visio, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero manipulado, conocido como \"Visio Index Calculation Memory Corruption Vulnerability.\""
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"baseScore": 7.6,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visio:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "553ADEFC-11EC-4E29-8A95-4AF59DB6CEAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visio:2007:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6C98FD6E-B9EA-4231-8127-31A8D2D25040"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visio:2007:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E822A55C-0440-4622-9284-A5DF70D49C63"
}
]
}
]
}
],
"references": [
{
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html",
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-028",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6732",
"source": "secure@microsoft.com"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-028",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6732",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorImpact": "Per: http://www.microsoft.com/technet/security/Bulletin/MS10-028.mspx\r\n\r\n'Users of Microsoft Office Visio 2002 and later versions of Visio will be prompted with Open, Save, or Cancel before opening a document. This is a mitigating factor because the vulnerability requires more than a single user action to complete the exploit.'"
}
Reference in New Issue View Git Blame Copy Permalink