Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Publisher memory corruption
updated since 10.07.2007
Published:11.07.2007
Source:
SecurityVulns ID:7908
Type:client
Threat Level:
6/10
Description:Memory corruption on .PUB files parsing.
Affected:MICROSOFT : Publisher 2007
CVE:CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".)
Original documentdocumentEEYE, EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference (11.07.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-037 - Important Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548) (10.07.2007)
Files:Microsoft Security Bulletin MS07-037 - Important Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod