Microsoft Publisher Object Handler Validation Vulnerability( 14 May 2008 )

Last Update Date: 28 Jan 2011 Release Date: 14 May 2008 5024 Views

RISK: Medium Risk

A remote code execution vulnerability exists in the way Microsoft Publisher validates object header data. An attacker could exploit the vulnerability by sending a specially crafted Publisher file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.

Impact

Remote Code Execution

System / Technologies affected

Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
2007 Microsoft Office System
Microsoft Publisher 2000
Microsoft Publisher 2002
Microsoft Publisher 2003
Microsoft Publisher 2007

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch

Microsoft Office 2000 Service Pack 3
- Microsoft Publisher 2000 Service Pack 3
Microsoft Office XP Service Pack 3
- Microsoft Publisher 2002 Service Pack 3
Microsoft Office 2003 Service Pack 2
- Microsoft Publisher 2003 Service Pack 2
Microsoft Office 2003 Service Pack 3
- Microsoft Publisher 2003 Service Pack 3
2007 Microsoft Office System
- Microsoft Publisher 2007
2007 Microsoft Office System Service Pack 1
- Microsoft Publisher 2007 Service Pack 1

Vulnerability Identifier

CVE-2008-0119

Source

Related Link

Share with

Microsoft Windows CE Image Processing Vulnerabilities

14 May 2008 5083 Views

Yahoo! Assistant "ynotifier" ActiveX Control Code Execution Vulnerability

14 May 2008 5245 Views