1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Publisher Malformed File Code Exec

HTTP Publisher Malformed File Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit an vulnerability in MS Office Publisher 2007 which could result in remote code execution.

Additional Information

Microsoft Office Publisher is an application for designing and publishing documents.

Publisher is prone to a remote code-execution vulnerability due to an invalid memory reference error when handling malformed legacy document file. The vulnerability resides in the 'PUBCONV.DLL' Publisher conversion library used by the application to convert files from previous versions to Publisher 2007.

An attacker can exploit this issue by enticing an unsuspecting victim to open a maliciously crafted Publisher file.

Successful exploits may allow attackers to execute arbitrary code with privileges of the user running the application. This may facilitate a compromise of vulnerable computers.

Affected

  • Microsoft Office 2007
  • Microsoft Publisher 2007

Response

Download and install the latest Microsoft patch applicable to this issue.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube