CVE-2012-0138

CVE Database · CVE-2012-0138

CVE-2012-0138

· N/AModified

CVSS v3.1

N/A

EPSS

20.21%

Published

Feb 14, 2012

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.

Weaknesses (CWE)

CWE-94

Affected Products (2)

microsoft · visio_viewervulnerable

References (6)

http://www.us-cert.gov/cas/techalerts/TA12-045A.html

Third Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14811

http://www.us-cert.gov/cas/techalerts/TA12-045A.html

Third Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14811

KEV Catalog EPSS Scores Vendors All CVEs