CVE-2011-1979

Name of the Vulnerable Software and Affected Versions Microsoft Visio versions 2003 SP3 through 2007 SP2

Description A remote code execution issue exists due to improper validation of objects in memory during Visio file parsing, allowing attackers to execute arbitrary code via a crafted file. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less affected than those operating with administrative user rights.

Recommendations For Microsoft Visio versions 2003 SP3 and 2007 SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.