Vulnerability in N/a
CVE-2007-1754
PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negativ…
EPSS: 0.626 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- SSRT071446 (x_refsource_HP, vendor-advisory)
- MS07-037 (x_refsource_MS, vendor-advisory)
- 1018353 (vdb-entry, x_refsource_SECTRACK)
- research.eeye.com/html/advisories/published/AD20070710.html (x_refsource_MISC)
- ADV-2007-2479 (vdb-entry, x_refsource_VUPEN)
- oval:org.mitre.oval:def:1871 (signature, x_refsource_OVAL, vdb-entry)
- TA07-191A (x_refsource_CERT, third-party-advisory)
- 25988 (x_refsource_SECUNIA, third-party-advisory)
- 35953 (x_refsource_OSVDB, vdb-entry)
- 20070710 EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference (mailing-list, x_refsource_BUGTRAQ)