26 matches found
Microsoft Office Publisher Remote Code Execution Vulnerability
Microsoft Publisher 2007 SP3 and Publisher 2010 SP2 are both desktop publishing software in the Office suite of Microsoft Corporation. The software can be used to create professional-quality press releases, brochures, postcards, and more. A remote code execution vulnerability exists in Microsoft...
Description of the security update for Publisher 2007: September 12, 2017
Description of the security update for Publisher 2007: September 12, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Comm...
Microsoft Office Publisher Remote Code Execution Vulnerability (2950145)
This host is missing an important security update according to Microsoft Bulletin MS14-020. OpenVAS Vulnerability Test $Id: gbms14-020.nasl 6715 2017-07-13 09:57:40Z teissa $ Microsoft Office Publisher Remote Code Execution Vulnerability 2950145 Authors: Antu Sanadi Copyright: Copyright C 2014...
Windows Object Packager Insecure Execution
Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...
Windows Object Packager Insecure Execution
Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...
Windows Object Packager Insecure Execution
Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...
Microsoft Publisher Remote Code Execution Vulnerability (2292970)
This host is missing a critical security update according to Microsoft Bulletin MS10-103. OpenVAS Vulnerability Test $Id: secpodms10-103.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Publisher Remote Code Execution Vulnerability 2292970 Authors: Antu Sanadi Copyright: Copyright c 2010 SecPo...
Microsoft Publisher 'pubconv.dll' Heap Based Buffer Overflow Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Publisher File Conversion Textbox buffer overflow
Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...
Microsoft Security Bulletin MS10-023 - Important Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)
Microsoft Security Bulletin MS10-023 - Important Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution 981160 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office...
CVE-2009-0566
Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."...
CVE-2009-0566
CVE-2009-0566 affects Microsoft Office Publisher 2007 SP1. The issue is an uninitialized/arbitrary pointer dereference in the PUBCONV.DLL module used to convert legacy Publisher files, leading to memory corruption and remote code execution when a crafted file is opened. Exploitation requires a us...
Microsoft Office Publisher Remote Code Execution Vulnerability (969516)
This host is missing a critical security update according to Microsoft Bulletin MS09-030. OpenVAS Vulnerability Test $Id: secpodms09-030.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Office Publisher Remote Code Execution Vulnerability 969516 Authors: Sharath S Copyright: Copyright c 2009...
Microsoft Office Publisher多个拒绝服务漏洞
BUGTRAQ ID: 26982 CNCAN ID:CNCAN-2007122407 Microsoft Office Publisher是一款微软提供的桌面出版应用软件。 Microsoft Office Publisher处理特殊构建的程序存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 建立一个Publisher文件,并修改00006B90到00006D90为A,可导致应用程序崩溃。或者建立的新文件增加一个使用多个“A”的"wordart"选项,然后修改000077D0到000079B0为A。可导致应用程序崩溃。 Microsoft Publisher 2007 0...
Microsoft Office Publisher未明远程代码执行漏洞
BUGTRAQ ID: 22702 CVE ID:CVE-2007-1754 CNCVE ID:CNCVE-20071754 Microsoft Office是一款微软开发的流行的文字处理软件。 Microsoft Office包含的Publisher 2007存在一个未明缺陷,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Publisher 2007在当应用程序从磁盘写数据到内存时,不充分清楚内存资源,可导致非法内存应用而造成拒绝服务,存在任意代码执行可能。 Microsoft Publisher 2007 0 Microsoft Office 2007 0 +...
EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference
Microsoft Publisher 2007 Arbitrary Pointer Dereference Release Date: July 10, 2007 Date Reported: February 16, 2007 Severity: High Remote Code Execution Vendor: Microsoft Vendor Software Affected: Microsoft Office 2007 Small Business Microsoft Office 2007 Professional Microsoft Office 2007 Ultima...
CVE-2007-1754
PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...
Memory corruption
PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...
CVE-2007-1117
Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...
Format string
Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...