← Back

CVE-2008-1090

nvd nist
Published: Apr 8, 2008Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."

Affected (10)

Products: Microsoft: Office, Visio
Microsoft
2 products
Office
Visio
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Office
Version 2003 sp2
Office
Version 2003 sp3
Office
Version 2007
Office
Version 2007_sp1
Office
Version xp sp2
Microsoft
Visio
Version 2002 sp2
Visio
Version 2003 sp1
Visio
Version 2003_sp3
Visio
Version 2007
Visio
Version 2007_sp1

Related CWEs

CWE-399
CWE-399

References (18)

Source: secure@microsoft.com
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Patch
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.