Lucene search
K

26 matches found

CNVD
CNVD
added 2017/09/13 12:0 a.m.8 views

Microsoft Office Publisher Remote Code Execution Vulnerability

Microsoft Publisher 2007 SP3 and Publisher 2010 SP2 are both desktop publishing software in the Office suite of Microsoft Corporation. The software can be used to create professional-quality press releases, brochures, postcards, and more. A remote code execution vulnerability exists in Microsoft...

9.3CVSS8.1AI score0.19589EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/09/12 7:0 a.m.48 views

Description of the security update for Publisher 2007: September 12, 2017

Description of the security update for Publisher 2007: September 12, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Comm...

9.3CVSS8.1AI score0.19589EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/04/09 12:0 a.m.23 views

Microsoft Office Publisher Remote Code Execution Vulnerability (2950145)

This host is missing an important security update according to Microsoft Bulletin MS14-020. OpenVAS Vulnerability Test $Id: gbms14-020.nasl 6715 2017-07-13 09:57:40Z teissa $ Microsoft Office Publisher Remote Code Execution Vulnerability 2950145 Authors: Antu Sanadi Copyright: Copyright C 2014...

9.3CVSS0.2AI score0.14254EPSS
Exploits1References4
Saint
Saint
added 2012/01/24 12:0 a.m.47 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
Saint
Saint
added 2012/01/24 12:0 a.m.45 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS6AI score0.20561EPSS
Exploits4
Saint
Saint
added 2012/01/24 12:0 a.m.29 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
OpenVAS
OpenVAS
added 2010/12/15 12:0 a.m.26 views

Microsoft Publisher Remote Code Execution Vulnerability (2292970)

This host is missing a critical security update according to Microsoft Bulletin MS10-103. OpenVAS Vulnerability Test $Id: secpodms10-103.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Publisher Remote Code Execution Vulnerability 2292970 Authors: Antu Sanadi Copyright: Copyright c 2010 SecPo...

9.3CVSS0.4AI score0.25106EPSS
Exploits0References5
Symantec
Symantec
added 2010/12/14 12:0 a.m.17 views

Microsoft Publisher 'pubconv.dll' Heap Based Buffer Overflow Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

8AI score
Exploits0Affected Software1
Saint
Saint
added 2010/04/30 12:0 a.m.34 views

Microsoft Publisher File Conversion Textbox buffer overflow

Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...

9.3CVSS6.7AI score0.23415EPSS
Exploits5
securityvulns
securityvulns
added 2010/04/16 12:0 a.m.51 views

Microsoft Security Bulletin MS10-023 - Important Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)

Microsoft Security Bulletin MS10-023 - Important Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution 981160 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office...

9.3CVSS0.3AI score0.23415EPSS
Exploits5
NVD
NVD
added 2009/07/15 3:30 p.m.17 views

CVE-2009-0566

Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."...

9.3CVSS7.4AI score0.28945EPSS
Exploits0References7
CVE
CVE
added 2009/07/15 3:0 p.m.51 views

CVE-2009-0566

CVE-2009-0566 affects Microsoft Office Publisher 2007 SP1. The issue is an uninitialized/arbitrary pointer dereference in the PUBCONV.DLL module used to convert legacy Publisher files, leading to memory corruption and remote code execution when a crafted file is opened. Exploitation requires a us...

9.3CVSS7.5AI score0.28945EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2009/07/15 12:0 a.m.24 views

Microsoft Office Publisher Remote Code Execution Vulnerability (969516)

This host is missing a critical security update according to Microsoft Bulletin MS09-030. OpenVAS Vulnerability Test $Id: secpodms09-030.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Office Publisher Remote Code Execution Vulnerability 969516 Authors: Sharath S Copyright: Copyright c 2009...

9.3CVSS0.6AI score0.28945EPSS
Exploits0References3
seebug.org
seebug.org
added 2007/12/24 12:0 a.m.18 views

Microsoft Office Publisher多个拒绝服务漏洞

BUGTRAQ ID: 26982 CNCAN ID:CNCAN-2007122407 Microsoft Office Publisher是一款微软提供的桌面出版应用软件。 Microsoft Office Publisher处理特殊构建的程序存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 建立一个Publisher文件,并修改00006B90到00006D90为A,可导致应用程序崩溃。或者建立的新文件增加一个使用多个“A”的"wordart"选项,然后修改000077D0到000079B0为A。可导致应用程序崩溃。 Microsoft Publisher 2007 0...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2007/07/12 12:0 a.m.26 views

Microsoft Office Publisher未明远程代码执行漏洞

BUGTRAQ ID: 22702 CVE ID:CVE-2007-1754 CNCVE ID:CNCVE-20071754 Microsoft Office是一款微软开发的流行的文字处理软件。 Microsoft Office包含的Publisher 2007存在一个未明缺陷,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Publisher 2007在当应用程序从磁盘写数据到内存时,不充分清楚内存资源,可导致非法内存应用而造成拒绝服务,存在任意代码执行可能。 Microsoft Publisher 2007 0 Microsoft Office 2007 0 +...

9.3CVSS6.3AI score0.32782EPSS
Exploits1
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.569 views

EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference

Microsoft Publisher 2007 Arbitrary Pointer Dereference Release Date: July 10, 2007 Date Reported: February 16, 2007 Severity: High Remote Code Execution Vendor: Microsoft Vendor Software Affected: Microsoft Office 2007 Small Business Microsoft Office 2007 Professional Microsoft Office 2007 Ultima...

0.2AI score
Exploits0
NVD
NVD
added 2007/07/10 10:30 p.m.18 views

CVE-2007-1754

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...

9.3CVSS7.4AI score0.32782EPSS
Exploits1References10
Prion
Prion
added 2007/07/10 10:30 p.m.21 views

Memory corruption

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...

9.3CVSS7.7AI score0.32782EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2007/02/27 2:28 a.m.15 views

CVE-2007-1117

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...

10CVSS7.4AI score0.17777EPSS
Exploits0References4
Prion
Prion
added 2007/02/27 2:28 a.m.13 views

Format string

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...

10CVSS8AI score0.17777EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder