Test ID:	1.3.6.1.4.1.25623.1.0.900120
Category:	Windows
Title:	Microsoft Organization Chart RCE Vulnerability
Summary:	The host has Microsoft Organization Chart, which is prone to a; remote code execution vulnerability.
Description:	Summary: The host has Microsoft Organization Chart, which is prone to a remote code execution vulnerability. Vulnerability Insight: Microsoft Organization Chart is prone to a remote code execution vulnerability. The flaw is due to memory access violation error when opening malicious Organization Chart document. Vulnerability Impact: Enticing the victim into opening a malicious crafted Organization Chart document, remote attackers can crash the application or execute arbitrary code on the affected system within the context of the affected application. Affected Software/OS: MS Organization Chart versions 2.0 (11.0.5614.0) and prior on Windows (all). Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3956 BugTraq ID: 31059 http://www.securityfocus.com/bid/31059 http://www.nullcode.com.ar/ncs/crash/orgchart.htm XForce ISS Database: microsoft-organizationchart-code-execution(44993) https://exchange.xforce.ibmcloud.com/vulnerabilities/44993
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.