Download
| Alert*
oval:org.secpod.oval:def:10972
Microsoft Publisher 2007 SP3 is installed oval:org.mitre.oval:def:2127 The application Microsoft Publisher 2007 is installed. oval:org.secpod.oval:def:42047 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42087 The host is missing an important security update KB3114428 oval:org.secpod.oval:def:3411 The host is installed with Microsoft Publisher 2003 or 2007 and is prone to Out-of-bounds Array Index Vulnerability. A flaw is present in the application which is caused by a specially crafted Publisher file. Successful exploitation allows remote attacker to install programs, view, change, or delete ... oval:org.secpod.oval:def:3410 The host is installed with Microsoft Publisher 2003 or 2007 and is prone to Function Pointer Overwrite Vulnerability. A flaw is present in the application which is caused by a specially crafted Publisher file. Successful exploitation allows remote attacker to install programs, view, change, or delet ... oval:org.secpod.oval:def:3413 The host is installed with Microsoft Publisher 2003 or 2007 and is prone to Memory Corruption Vulnerability. A flaw is present in the application which is caused by a specially crafted Publisher file. Successful exploitation allows remote attacker to install programs, view, change, or delete data, o ... oval:org.secpod.oval:def:3414 The host is missing an important security update according to Microsoft security bulletin, MS11-091. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office Publisher, which fails to handle a specially crafted Publisher file. Successful exploita ... oval:org.mitre.oval:def:1871 PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initial ... oval:org.secpod.oval:def:17387 The host is missing an important security update according to Microsoft security bulletin, MS14-020. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted .pub file. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:17386 The host is installed with Microsoft Publisher 2003 SP3 or 2007 SP3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted .pub file. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:10970 The host is missing an important security update according to Microsoft bulletin, Ms13-042. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle certain vectors related to Publisher files. Successful exploitation allows atta ... oval:org.secpod.oval:def:10983 The host is installed with Microsoft Publisher 2003, 2007 or 2010 and is prone to pointer handling vulnerability. A flaw is present in the application, which fails to properly validate a pointer while handling specially crafted Publisher files. Successful exploitation allows attackers to execute arb ... oval:org.secpod.oval:def:3187 The host is missing a critical security update according to Microsoft security bulletin, MS10-036. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Office, which fails to validate COM objects to be instantiated. Successful exploitation allows an a ... oval:org.secpod.oval:def:1248 The host is missing a critical security update according to Microsoft security bulletin, MS10-103. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Publisher, which fails to handle crafted Publisher file that uses an old file format. Successful exploi ... oval:org.mitre.oval:def:7141 Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability." oval:org.secpod.oval:def:2645 The host is missing a critical security update according to Microsoft security bulletin, MS08-027. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Office Publisher, which fails handle a specially crafted Publisher file. Successful exploitation could ... oval:org.mitre.oval:def:6285 Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability." oval:org.secpod.oval:def:2037 The host is missing a critical security update according to Microsoft security bulletin, MS10-023. The update is required to fix buffer overflow vulnerability. A flaw is present in the Microsoft Office Publisher, which fails to handle a specially crafted Publisher file. Successful exploitation allow ... oval:org.secpod.oval:def:2356 The host is missing an important security update according to Microsoft security bulletin, MS09-030. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Office Publisher, which fails to handle a specially crafted Publisher file. Successful exploitati ... oval:org.mitre.oval:def:12187 Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability." oval:org.mitre.oval:def:11555 pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a ... oval:org.mitre.oval:def:5303 Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vuln ... oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:31390 The host is installed with Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, P ... oval:org.mitre.oval:def:7286 Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiat ... |