VYPR

Office Publisher 2007

by Microsoft

CVEs (6)

  • CVE-2008-0102Feb 12, 2008
    risk 0.03cvss epss 0.37

    Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability."

  • CVE-2007-1754Jul 10, 2007
    risk 0.03cvss epss 0.33

    PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization…

  • CVE-2010-0479Apr 14, 2010
    risk 0.02cvss epss 0.23

    Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability."

  • CVE-2009-0566Jul 15, 2009
    risk 0.02cvss epss 0.29

    Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."

  • CVE-2008-0104Feb 12, 2008
    risk 0.02cvss epss 0.29

    Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."

  • CVE-2007-6534Dec 27, 2007
    risk 0.01cvss epss 0.11

    Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.