Microsoft Publisher Function Pointer Overwrite (MS11-091) - Ver2 (CVE-2011-1508)

A memory corruption vulnerability has been reported in Microsoft Publisher. The vulnerability is due to the way Microsoft Publisher does not properly handle memory for function pointers while parsing specially crafted Publisher files. A remote attacker may exploit this vulnerability by enticing a...

CVE-2011-1508

CVE-2011-1508 affects Microsoft Publisher 2003 SP3 and Microsoft Publisher 2007 SP2/SP3. Root cause: PubConv.dll mishandles memory for function pointers during parsing of Publisher files, enabling a remote attacker to execute arbitrary code via a crafted Publisher file. The issue is tied to MS11-...

CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Microsoft Publisher 2007 Pubconv.dll Memory Corruption 1. Advisory Information Title: Microsoft Publisher 2007 Pubconv.dll Memory Corruption Advisory ID: CORE-2011-0106...

Microsoft .NET Framework / Silverlight类继承限制漏洞(MS11-078)

CVE ID: CVE-2011-1508 .NET Framework是用于Windows的新托管代码编程模型，用于构建具有视觉上引人注目的用户体验的应用程序，实现跨技术边界的无缝通信，并且能支持各种业务流程。Silverlight 是一种新的 Web 呈现技术，能在各种平台上运行。 Microsoft .NET Framework和Microsoft Silverlight在类继承的实现上存在安全漏洞，恶意用户可通过特制的网页利用此漏洞控制用户系统。要成功利用，需要浏览器可以运行XBAPs或Silverlight应用程序。 Microsoft .NET Framework 4.x...

Microsoft Publisher 2007 Pubconv.dll内存破坏漏洞

CVE ID: CVE-2011-1508 Microsoft Publisher是微软公司发行的桌面出版应用软件。 Publisher 2007中存在输入验证错误，可被远程攻击者利用通过诱使用户在文档中插入特制的.pub文件执行任意代码。 通过修改.pub文件，可使pubconv.dll库复制很多文件内容到栈中，从而覆盖稍后执行的函数指针。 Microsoft Publisher 2007 12.0.6546.5000 厂商补丁： Microsoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Microsoft Publisher 2007 Pubconv.dll Memory Corruption

Core Security Technologies - Corelabs Advisory Microsoft Publisher 2007 Pubconv.dll Memory Corruption 1. Advisory Information Title: Microsoft Publisher 2007 Pubconv.dll Memory Corruption Advisory ID: CORE-2011-0106 Advisory URL:...