This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2004-09-28
Product Publisher Last view 2024-02-13
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:publisher:2003:sp3:*:*:*:*:*:* 21
cpe:2.3:a:microsoft:publisher:2002:*:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:publisher:2007:sp3:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:publisher:2003:*:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:publisher:2002:sp3:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:publisher:2007:sp2:*:*:*:*:*:* 6
cpe:2.3:a:microsoft:publisher:2000:*:*:*:*:*:*:* 6
cpe:2.3:a:microsoft:publisher:2010:sp2:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:publisher:2007:*:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:publisher:2013:sp1:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:publisher:2010:*:*:*:*:*:*:* 2
cpe:2.3:a:microsoft:publisher:*:*:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:publisher:2003:sp2:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:publisher:2007:sp1:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:publisher:2010:sp1:*:*:*:*:*:* 1
cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:x86:* 1
cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:x64:* 1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2024-02-13 CVE-2024-20673

Microsoft Office Remote Code Execution Vulnerability
7.8 2023-06-17 CVE-2023-28295

Microsoft Publisher Remote Code Execution Vulnerability
7.8 2023-06-17 CVE-2023-28287

Microsoft Publisher Remote Code Execution Vulnerability
5.5 2022-05-10 CVE-2022-29107

Microsoft Office Security Feature Bypass Vulnerability
8.8 2020-04-15 CVE-2020-0760

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
7.8 2018-06-14 CVE-2018-8245

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.
7.8 2017-09-12 CVE-2017-8725

A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".
7.8 2016-12-20 CVE-2016-7289

Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
9.3 2015-11-11 CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Microsoft Office Elevation of Privilege Vulnerability."
9.3 2014-04-08 CVE-2014-1759

pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka "Arbitrary Pointer Dereference Vulnerability."
9.3 2013-05-14 CVE-2013-1329

Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability."
9.3 2013-05-14 CVE-2013-1328

Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."
9.3 2013-05-14 CVE-2013-1327

Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."
9.3 2013-05-14 CVE-2013-1323

Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability."
10 2013-05-14 CVE-2013-1322

Microsoft Publisher 2003 SP3 does not properly check table range data, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Invalid Range Check Vulnerability."
9.3 2013-05-14 CVE-2013-1321

Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."
10 2013-05-14 CVE-2013-1320

Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."
10 2013-05-14 CVE-2013-1319

Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
10 2013-05-14 CVE-2013-1318

Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."
9.3 2013-05-14 CVE-2013-1317

Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."
9.3 2013-05-14 CVE-2013-1316

Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."
9.3 2011-12-13 CVE-2011-3412

Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability."
9.3 2011-12-13 CVE-2011-3411

Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."
9.3 2011-12-13 CVE-2011-3410

Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vulnerability."
9.3 2011-12-13 CVE-2011-1508

Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Overwrite Vulnerability."

CWE : Common Weakness Enumeration

%idName
29% (8) CWE-94 Failure to Control Generation of Code ('Code Injection')
25% (7) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
22% (6) CWE-20 Improper Input Validation
7% (2) CWE-399 Resource Management Errors
7% (2) CWE-189 Numeric Errors
3% (1) CWE-264 Permissions, Privileges, and Access Controls
3% (1) CWE-190 Integer Overflow or Wraparound

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:4307 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)
oval:org.mitre.oval:def:4216 GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
oval:org.mitre.oval:def:4003 GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)
oval:org.mitre.oval:def:3881 GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)
oval:org.mitre.oval:def:3810 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)
oval:org.mitre.oval:def:3320 GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003
oval:org.mitre.oval:def:3082 GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)
oval:org.mitre.oval:def:3038 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)
oval:org.mitre.oval:def:2706 GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)
oval:org.mitre.oval:def:1721 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)
oval:org.mitre.oval:def:1105 GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)
oval:org.mitre.oval:def:4005 Office XP, SP2 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:3333 Office XP, SP3 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:3311 Office 2003 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:2670 Office 2000 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:590 Microsoft Publisher Vulnerability
oval:org.mitre.oval:def:568 PowerPoint Malformed Record Memory Corruption Vulnerability
oval:org.mitre.oval:def:220 Microsoft PowerPoint Malformed Record Memory Corruption Vulnerability
oval:org.mitre.oval:def:301 Excel Malformed Record Vulnerability
oval:org.mitre.oval:def:1871 Publisher Invalid Memory Reference Vulnerability
oval:org.mitre.oval:def:5305 Publisher Invalid Memory Reference Vulnerability
oval:org.mitre.oval:def:4547 Word Memory Corruption Vulnerability
oval:org.mitre.oval:def:7141 Publisher Object Handler Validation Vulnerability
oval:org.mitre.oval:def:11555 Size Value Heap Corruption in pubconv.dll Vulnerability
oval:org.mitre.oval:def:12187 Heap Overrun in pubconv.dll Vulnerability

SAINT Exploits

Description Link
Microsoft Publisher File Conversion Textbox buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
77672 Microsoft Office Publisher Unspecified Publisher File Handling Remote Memory ...
77671 Microsoft Office Publisher Invalid Pointer Publisher File Handling Remote Mem...
77670 Microsoft Office Publisher Array Indexing Publisher File Handling Remote Memo...
76460 Microsoft Office Publisher pubconv.dll .pub File Handling Overflow
69815 Microsoft Office Publisher Array Indexing Memory Corruption
69814 Microsoft Office Publisher Malformed PUB File Handling Memory Corruption
69813 Microsoft Office Publisher pubconv.dll Array Indexing Memory Corruption
69812 Microsoft Office Publisher pubconv.dll Unspecified Heap Overrun
69811 Microsoft Office Publisher pubconv.dll Size Value Handling Heap Corruption
63748 Microsoft Office Publisher 97 File Conversion TextBox Processing Overflow
47004 Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di...
45264 Microsoft Office Publisher File Format Unspecified Remote Code Execution
44319 Microsoft Office Publisher Crafted PUB File Handling DoS
41447 Microsoft Office Publisher Memory Index Validation .pub File Handling Arbitra...
41446 Microsoft Office Publisher .pub File Handling Arbitrary Code Execution
35953 Microsoft Office Publisher .pub Page Data Handling Arbitrary Code Execution
31901 Microsoft Office Unspecified String Handling Arbitrary Code Execution
29448 Microsoft PowerPoint Crafted File Unspecified Code Execution
28730 Microsoft Publisher PUB File Font Parsing Overflow
9951 Microsoft Multiple Products GDIPlus.dll JPEG Processing Overflow
9950 Microsoft Office WordPerfect Converter Overflow

OpenVAS Exploits

id Description
2011-12-14 Name : Microsoft Publisher Remote Code Execution Vulnerabilities (2607702)
File : nvt/secpod_ms11-091.nasl
2010-12-15 Name : Microsoft Publisher Remote Code Execution Vulnerability (2292970)
File : nvt/secpod_ms10-103.nasl
2010-04-14 Name : Microsoft Office Publisher Remote Code Execution Vulnerability (981160)
File : nvt/secpod_ms10-023.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0050 Microsoft Publisher Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0048679
2013-A-0107 Multiple Microsoft Publisher Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0037937
2010-A-0171 Microsoft Office Publisher Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025844

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Office Publisher file magic detected
RuleID : 8478 - Type : FILE-IDENTIFY - Revision : 19
2014-01-10 pub file download
RuleID : 8350 - Type : WEB-CLIENT - Revision : 4
2019-04-13 Microsoft Office Publisher 2003 EscherStm memory corruption attempt
RuleID : 49432 - Type : FILE-OFFICE - Revision : 1
2019-04-13 Microsoft Office Publisher 2003 EscherStm memory corruption attempt
RuleID : 49431 - Type : FILE-OFFICE - Revision : 2
2019-03-14 Microsoft Office Publisher Opltc memory corruption attempt
RuleID : 49183 - Type : FILE-OFFICE - Revision : 2
2019-03-14 Microsoft Office Publisher Opltc memory corruption attempt
RuleID : 49182 - Type : FILE-OFFICE - Revision : 2
2017-01-10 Microsoft Office Publisher out of bounds read attempt
RuleID : 40966 - Type : FILE-OFFICE - Revision : 2
2017-01-10 Microsoft Office Publisher out of bounds read attempt
RuleID : 40965 - Type : FILE-OFFICE - Revision : 2
2016-04-05 Microsoft Office Publisher tyo.oty field heap overflow attempt
RuleID : 37921 - Type : FILE-OFFICE - Revision : 1
2016-04-05 Microsoft Office Publisher pubconv.dll corruption attempt
RuleID : 37920 - Type : FILE-OFFICE - Revision : 1
2016-03-14 Microsoft Office Publisher 2007 conversion library code execution attempt
RuleID : 37362 - Type : FILE-OFFICE - Revision : 3
2016-03-14 Microsoft Office Word CoCreateInstance elevation of privilege attempt
RuleID : 36721 - Type : FILE-OFFICE - Revision : 3
2016-03-14 Microsoft Office Word CoCreateInstance elevation of privilege attempt
RuleID : 36720 - Type : FILE-OFFICE - Revision : 3
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33959 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33958 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33957 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33956 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33955 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33954 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33953 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33952 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33951 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33950 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33949 - Type : FILE-OTHER - Revision : 2
2015-04-30 WordPerfect converter buffer overflow attempt
RuleID : 33948 - Type : FILE-OTHER - Revision : 2

Nessus® Vulnerability Scanner

id Description
2017-09-12 Name: The Microsoft Publisher Products are missing a security update.
File: smb_nt_ms17_sep_publisher.nasl - Type: ACT_GATHER_INFO
2016-12-14 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: smb_nt_ms16-148.nasl - Type: ACT_GATHER_INFO
2015-11-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-116.nasl - Type: ACT_GATHER_INFO
2014-04-08 Name: Microsoft Publisher, a component of Microsoft Office installed on the remote ...
File: smb_nt_ms14-020.nasl - Type: ACT_GATHER_INFO
2013-05-15 Name: Microsoft Publisher, a component of Microsoft Office installed on the remote ...
File: smb_nt_ms13-042.nasl - Type: ACT_GATHER_INFO
2011-12-13 Name: The version of Microsoft Office installed on the remote host has multiple vul...
File: smb_nt_ms11-091.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: The version of Microsoft Office installed on the remote host has multiple mem...
File: smb_nt_ms10-103.nasl - Type: ACT_GATHER_INFO
2010-04-13 Name: The version of Microsoft Office installed on the remote host has a buffer ove...
File: smb_nt_ms10-023.nasl - Type: ACT_GATHER_INFO
2008-02-12 Name: Arbitrary code can be executed on the remote host through Microsoft Publisher.
File: smb_nt_ms08-012.nasl - Type: ACT_GATHER_INFO
2007-07-10 Name: Arbitrary code can be executed on the remote host through Microsoft Publisher.
File: smb_nt_ms07-037.nasl - Type: ACT_GATHER_INFO
2007-02-13 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms_office_feb2006.nasl - Type: ACT_GATHER_INFO
2007-02-13 Name: Arbitrary code can be executed on the remote host through Microsoft Office.
File: smb_nt_ms07-015.nasl - Type: ACT_GATHER_INFO
2006-10-11 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms_office_oct2006.nasl - Type: ACT_GATHER_INFO
2006-10-10 Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint.
File: smb_nt_ms06-058.nasl - Type: ACT_GATHER_INFO
2006-09-12 Name: Arbitrary code can be executed on the remote host through Microsoft Publisher.
File: smb_nt_ms06-054.nasl - Type: ACT_GATHER_INFO
2004-09-28 Name: The remote host may have been compromised
File: radmin_port_10002.nasl - Type: ACT_GATHER_INFO
2004-09-24 Name: It is possible to log into the remote host without a password.
File: smb_login_as_x.nasl - Type: ACT_GATHER_INFO
2004-09-15 Name: Arbitrary code can be executed on the remote host through Office.
File: smb_nt_ms04-027.nasl - Type: ACT_GATHER_INFO
2004-09-14 Name: Arbitrary code can be executed on the remote host.
File: smb_nt_ms04-028.nasl - Type: ACT_GATHER_INFO