Lucene search

[email protected]CVE-2011-1508

HistoryDec 14, 2011 - 12:55 a.m.

CVE-2011-1508

2011-12-1400:55:00

CWE-94

[email protected]

web.nvd.nist.gov

102

cve-2011-1508

microsoft publisher

function pointer

memory allocation

remote code execution

vulnerability

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.314 Low

EPSS

Percentile

97.0%

JSON

Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka “Publisher Function Pointer Overwrite Vulnerability.”

CPENameOperatorVersion
microsoft:publishermicrosoft publishereq2007
microsoft:publishermicrosoft publishereq2003

CPE	Name	Operator	Version
microsoft:publisher	microsoft publisher	eq	2007
microsoft:publisher	microsoft publisher	eq	2003

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-091

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14816

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.314 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2011-1508

checkpoint_advisories2 prion1 seebug2 securityvulns3 nessus1 openvas1