Описание
Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:office_publisher:2007:sp1:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.4874
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."
EPSS
Процентиль: 98%
0.4874
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94