Computer Security

Microsoft Publisher memory corruption
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Microsoft Publisher memory corruption
updated since 10.07.2007
Published:11.07.2007
Source:MICROSOFT
SecurityVulns ID:7908
Type:client
Level:6/10
Description:Memory corruption on .PUB files parsing.
Affected:MICROSOFT : Publisher 2007
CVE:CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".)
Original documentdocumentEEYE, EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference (11.07.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-037 - Important Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548) (10.07.2007)
Files:Microsoft Security Bulletin MS07-037 - Important Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru