Microsoft Publisher 2007

CPE Details

Microsoft Publisher 2007
2007
2007-08-23
19h16 +00:00
2008-04-15
21h55 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:microsoft:publisher:2007:*:*:*:*:*:*:*

Informations

Vendor

microsoft

Product

publisher

Version

2007

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2008-3068 2008-07-07 21h00 +00:00 Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
7.5
CVE-2008-0104 2008-02-12 21h00 +00:00 Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."
9.3
CVE-2007-6534 2007-12-27 22h00 +00:00 Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.
6.8
CVE-2007-1754 2007-07-10 20h00 +00:00 PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".
9.3
CVE-2007-1117 2007-02-27 01h00 +00:00 Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source.
10