Microsoft Office Publisher未明远程代码执行漏洞

BUGTRAQ ID: 22702

CVE ID:CVE-2007-1754
CNCVE ID:CNCVE-20071754

Microsoft Office是一款微软开发的流行的文字处理软件。

Microsoft Office包含的Publisher 2007存在一个未明缺陷，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。

Publisher 2007在当应用程序从磁盘写数据到内存时，不充分清楚内存资源，可导致非法内存应用而造成拒绝服务，存在任意代码执行可能。

Microsoft Publisher 2007 0
Microsoft Office 2007 0

• Microsoft Access 2007 0
• Microsoft Access 2007 0
• Microsoft Communicator 2007 0
• Microsoft Communicator 2007 0
• Microsoft Excel 2003
• Microsoft Excel 2007 0
• Microsoft Excel 2007 0
• Microsoft FrontPage 2003
• Microsoft Groove 2007 0
• Microsoft Groove 2007 0
• Microsoft InfoPath 2003
• Microsoft InfoPath 2007 0
• Microsoft InfoPath 2007 0
• Microsoft Office Word 2007 0
• Microsoft Office Word 2007 0
• Microsoft OneNote 2003 0
• Microsoft Outlook 2003 0
• Microsoft Outlook 2007 0
• Microsoft Outlook 2007 0
• Microsoft PowerPoint 2003 0
• Microsoft PowerPoint 2007 0
• Microsoft PowerPoint 2007 0
• Microsoft Project Professional 2007 0
• Microsoft Project Professional 2007 0
• Microsoft Project Standard 2007 0
• Microsoft Project Standard 2007 0
• Microsoft Publisher 2003
• Microsoft Publisher 2007 0
• Microsoft Publisher 2007 0
• Microsoft SharePoint Designer 2007 0
• Microsoft SharePoint Designer 2007 0
• Microsoft Visio Professional 2007 0
• Microsoft Visio Professional 2007 0
• Microsoft Visio Standard 2007 0
• Microsoft Visio Standard 2007 0
• Microsoft Word 2003

补丁下载：

Microsoft Publisher 2007 0

* Microsoft Security Update for Microsoft Office Publisher 2007 (KB936646)
  <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=25D272E7-F2DD" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=25D272E7-F2DD</a> -4342-92BE-7EBC2E770B44