Unprompted Execution of VBA Macros in ESRI ArcMap and ArcGIS
CVE-2012-1661 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
Learn more about our User Device Pen Test.