Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:21015
HistoryOct 13, 2011 - 12:00 a.m.

Microsoft Publisher 2007 Pubconv.dll内存破坏漏洞

2011-10-1300:00:00
Root
www.seebug.org
12

0.271 Low

EPSS

Percentile

96.3%

JSON

CVE ID: CVE-2011-1508

Microsoft Publisher是微软公司发行的桌面出版应用软件。

Publisher 2007中存在输入验证错误,可被远程攻击者利用通过诱使用户在文档中插入特制的.pub文件执行任意代码。

通过修改.pub文件,可使pubconv.dll库复制很多文件内容到栈中,从而覆盖稍后执行的函数指针。

Microsoft Publisher 2007 (12.0.6546.5000)
厂商补丁:

Microsoft

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.microsoft.com/technet/security/

Related

prion 1
checkpoint_advisories 2
cve 1
seebug 1
cvelist 1
securityvulns 3
nessus 1
openvas 1
prion
prion
Design/Logic Flaw
2011-12-14 00:55:00
checkpoint_advisories
checkpoint_advisories
Microsoft Publisher Function Pointer Overwrite (MS11-091) - Ver2 (CVE-2011-1508)
2014-04-16 00:00:00
Microsoft Publisher Function Pointer Overwrite (MS11-091; CVE-2011-1508)
2012-03-05 00:00:00
cve
cve
CVE-2011-1508
2011-12-14 00:55:00
seebug
seebug
Microsoft .NET Framework / Silverlight类继承限制漏洞(MS11-078)
2011-10-13 00:00:00
cvelist
cvelist
CVE-2011-1508
2011-12-14 00:00:00
securityvulns
securityvulns
Microsoft Publisher memory corruption
2011-10-16 00:00:00
CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption
2011-10-16 00:00:00
Microsoft Office multiple security vulnerabilities
2011-12-15 00:00:00
nessus
nessus
MS11-091: Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
2011-12-13 00:00:00
openvas
openvas
Microsoft Publisher Remote Code Execution Vulnerabilities (2607702)
2011-12-14 00:00:00

0.271 Low

EPSS

Percentile

96.3%

JSON
Related for SSV:21015
prion1checkpoint_advisories2cve1seebug1cvelist1securityvulns3nessus1openvas1