Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Microsoft Office Publisher 2007 Could Allow Remote Code Execution (936548) |
| Informations | |||
|---|---|---|---|
| Name | MS07-037 | First vendor Publication | 2007-07-10 |
| Vendor | Microsoft | Last vendor Modification | 2007-07-10 |
| Severity (Vendor) | Critical | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This important security update resolves one publicly disclosed vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. User interaction is required to exploit this vulnerability. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/ms07-037.mspx?pubDate=2 (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1871 | |||
| Oval ID: | oval:org.mitre.oval:def:1871 | ||
| Title: | Publisher Invalid Memory Reference Vulnerability | ||
| Description: | PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability". | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-1754 | Version: | 7 |
| Platform(s): | Microsoft Windows Vista | Product(s): | Microsoft Publisher |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 35953 | Microsoft Office Publisher .pub Page Data Handling Arbitrary Code Execution |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-14 | Microsoft Office Publisher 2007 conversion library code execution attempt RuleID : 37362 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Publisher 2007 conversion library code execution attempt RuleID : 16051 - Revision : 16 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-07-10 | Name : Arbitrary code can be executed on the remote host through Microsoft Publisher. File : smb_nt_ms07-037.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:43 |
|
