Fortinet Discovers Multiple Microsoft Visio Vulnerabilities (MS10-028)
Summary:
Fortinet's FortiGuard Labs has discovered two memory corruption vulnerabilities in Microsoft Office Visio, which allow a remote attacker to compromise a system through a malicious document.
Impact:
Remote Code Execution.
Risk:
High.
Affected Software:
For a list of affected software, please refer to the Microsoft Security Bulletin reference below.
Additional Information:
The two memory corruption vulnerabilities discovered in Microsoft Office Visio are listed below:
Memory corruption in "vislib.dll" (CVE-2010-0254)
Memory corruption in "vislib.dll" (CVE-2010-0256)
The vulnerabilities are triggered when opening and rendering a Visio file. A remote attacker could craft a malicious document that exploits either of these vulnerabilities, allowing the attacker to compromise a system.