Vulnerabilities > CVE-2007-1754 - Resource Management Errors vulnerability in Microsoft Publisher 2007
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS07-037.NASL |
description | The remote host is running a version of Microsoft Publisher that may allow arbitrary code to be run. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25688 |
published | 2007-07-10 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25688 |
title | MS07-037: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (936548) |
code |
|
Oval
accepted | 2014-08-18T04:02:02.413-04:00 | ||||||||||||||||
class | vulnerability | ||||||||||||||||
contributors |
| ||||||||||||||||
definition_extensions |
| ||||||||||||||||
description | PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability". | ||||||||||||||||
family | windows | ||||||||||||||||
id | oval:org.mitre.oval:def:1871 | ||||||||||||||||
status | accepted | ||||||||||||||||
submitted | 2007-07-11T01:02:31 | ||||||||||||||||
title | Publisher Invalid Memory Reference Vulnerability | ||||||||||||||||
version | 13 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 22702 CVE ID:CVE-2007-1754 CNCVE ID:CNCVE-20071754 Microsoft Office是一款微软开发的流行的文字处理软件。 Microsoft Office包含的Publisher 2007存在一个未明缺陷,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Publisher 2007在当应用程序从磁盘写数据到内存时,不充分清楚内存资源,可导致非法内存应用而造成拒绝服务,存在任意代码执行可能。 Microsoft Publisher 2007 0 Microsoft Office 2007 0 + Microsoft Access 2007 0 + Microsoft Access 2007 0 + Microsoft Communicator 2007 0 + Microsoft Communicator 2007 0 + Microsoft Excel 2003 + Microsoft Excel 2007 0 + Microsoft Excel 2007 0 + Microsoft FrontPage 2003 + Microsoft Groove 2007 0 + Microsoft Groove 2007 0 + Microsoft InfoPath 2003 + Microsoft InfoPath 2007 0 + Microsoft InfoPath 2007 0 + Microsoft Office Word 2007 0 + Microsoft Office Word 2007 0 + Microsoft OneNote 2003 0 + Microsoft Outlook 2003 0 + Microsoft Outlook 2007 0 + Microsoft Outlook 2007 0 + Microsoft PowerPoint 2003 0 + Microsoft PowerPoint 2007 0 + Microsoft PowerPoint 2007 0 + Microsoft Project Professional 2007 0 + Microsoft Project Professional 2007 0 + Microsoft Project Standard 2007 0 + Microsoft Project Standard 2007 0 + Microsoft Publisher 2003 + Microsoft Publisher 2007 0 + Microsoft Publisher 2007 0 + Microsoft SharePoint Designer 2007 0 + Microsoft SharePoint Designer 2007 0 + Microsoft Visio Professional 2007 0 + Microsoft Visio Professional 2007 0 + Microsoft Visio Standard 2007 0 + Microsoft Visio Standard 2007 0 + Microsoft Word 2003 补丁下载: Microsoft Publisher 2007 0 * Microsoft Security Update for Microsoft Office Publisher 2007 (KB936646) <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=25D272E7-F2DD" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyId=25D272E7-F2DD</a> -4342-92BE-7EBC2E770B44 |
id | SSV:1997 |
last seen | 2017-11-19 |
modified | 2007-07-12 |
published | 2007-07-12 |
reporter | Root |
title | Microsoft Office Publisher未明远程代码执行漏洞 |
References
- http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html
- http://osvdb.org/35953
- http://research.eeye.com/html/advisories/published/AD20070710.html
- http://secunia.com/advisories/25988
- http://www.securityfocus.com/archive/1/473309/100/0/threaded
- http://www.securitytracker.com/id?1018353
- http://www.us-cert.gov/cas/techalerts/TA07-191A.html
- http://www.vupen.com/english/advisories/2007/2479
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-037
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1871