Описание
Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- US Government Resource
- Patch
- US Government Resource
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.73182
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts.
EPSS
Процентиль: 99%
0.73182
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119