oval:org.mitre.oval:def:1871

Definition Id: oval:org.mitre.oval:def:1871

Oval ID:	oval:org.mitre.oval:def:1871
Title:	Publisher Invalid Memory Reference Vulnerability
Description:	PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2007-1754	Version:	7
Platform(s):	Microsoft Windows Vista	Product(s):	Microsoft Publisher
Definition Synopsis:
Microsoft Publisher 2007 is installed AND the version of mspub.exe is less than 12.0.6023.5000 AND the version of pubconv.dll is less than 12.0.6023.5000

Definition Id: oval:org.mitre.oval:def:2127

Oval ID:	oval:org.mitre.oval:def:2127
Title:	Microsoft Publisher 2007 is installed
Description:	The application Microsoft Publisher 2007 is installed.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:publisher:2007	Version:	11
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):	Microsoft Publisher 2007
Definition Synopsis:
Publisher 2007 is installed AND the version of mspub.exe is greater than or equal 12.0.0.0 AND the version of mspub.exe is less than 13.0.0.0
Referenced By:
oval:org.mitre.oval:def:1871