Lucene search

PRIOn knowledge basePRION:CVE-2011-1508

HistoryDec 14, 2011 - 12:55 a.m.

Design/Logic Flaw

2011-12-1400:55:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.211 Low

EPSS

Percentile

96.3%

JSON

Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka “Publisher Function Pointer Overwrite Vulnerability.”

CPENameOperatorVersion
publishereq2007 sp2
publishereq2003 sp3
publishereq2007 sp3

Name	Operator	Version
publisher	eq	2007 sp2
publisher	eq	2003 sp3
publisher	eq	2007 sp3

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-091

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14816

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.211 Low

EPSS

Percentile

96.3%

JSON

Related for PRION:CVE-2011-1508