Email us! Subscribe to Liquidmatrix!

Microsoft Publisher Code Execution Vulnerability

Author: Dave Lewis
September 12, 2006 at 9:37 pm · Filed under Vulnerability

The good folks over at Secunia have the skinny on a “highly critical” problem with Microsoft Publisher. From their site:

Description:
A vulnerability has been reported in Microsoft Publisher, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a memory corruption error in Publisher when parsing “.pub” files with malformed strings and can be exploited via a specially crafted document.

Successful exploitation allows execution of arbitrary code.

Solution:
Apply patches.

Microsoft Office 2000 SP3:
http://www.microsoft.com/downloads/de…=461A126B-596F-4E84-99FD-03554AC55213

Microsoft Office XP SP3:
http://www.microsoft.com/downloads/de…=0356B9FB-2CD5-4A50-95F6-54846D39B6EA

Microsoft Office 2003 SP1/SP2:
http://www.microsoft.com/downloads/de…=2EEB43F1-E2B6-4B78-98A1-E8B04242438A

Article Link

Tags: , , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • Microsoft Security Bulletin for August 2007
  • Vulnerability in Microsoft Word Could Allow Remote Code Execution
  • Microsoft December Patch Tuesday
  • Vulnerability in RPC on Windows DNS
  • Microsoft Word Unspecified Code Execution Vulnerability

    • Leave a Comment