Intrusion Prevention

MS.Visio.Compressed.Document.Packed.Object.Code.Execution

Description

This indicates a possible attempt to exploit a memory corruption vulnerability in Microsoft Visio.
The vulnerability is caused by a memory corruption error when parsing malformed packed objects in the Visio file format. An attacker may be able to use a specially crafted object to execute arbitrary code on a vulnerable system.

Affected Products

Microsoft Visio 2002 Service Pack 2
Microsoft Visio 2003 Service Pack 2

Impact

System compromise: execution of arbitrary code on the system.

Recommended Actions

Apply patch for Microsoft Visio 2002 Service Pack 2 :
http://www.microsoft.com/downloads/details/aspx?FamilyId=FC1D0483-27E8-4541-B81D-4A47973BEA30
Apply patch for Microsoft Visio 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=C47F432E-8538-42FD-92C9-7E0F1D643E8E

CVE References

CVE-2007-0936