U radu programskog paketa Microsoft Office Publisher 2007 uočen je sigurnosni propust koji udaljenom napadaču omogućuje pokretanje proizvoljnog programskog koda.
Paket:
Microsoft Office Publisher 2007
Operacijski sustavi:
Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
proizvoljno izvršavanje programskog koda
Rješenje:
ne postoji zakrpa
CVE:
CVE-2011-1508
Izvorni ID preporuke:
SA46438
Izvor:
Secunia
Problem:
Propust je posljedica pogreške u biblioteci "pubconv.dll", a očituje se prilikom umetanja sadržaja u dokument.
Posljedica:
Napadač ga može iskoristiti za pokretanje proizvoljnog programskog koda. Pritom uspješna zlouporaba uključuje navođenje korisnika na umetanje zlonamjerne datoteke u dokument.
Rješenje:
Budući da zasad nisu dostupne zakrpe za rješavanje spomenutog problema, korisnicima se savjetuje da ne koriste sadržaje iz nepovjerljivih izvora.
Secunia Advisory SA46438
Microsoft Office Publisher Document Insertion Buffer Overflow Vulnerability
Release Date 2011-10-18
Criticality level Moderately criticalModerately critical
Impact System access
Where From remote
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Unpatched
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Remediation status Secunia VIM
Software:
Microsoft Office Publisher 2007
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2011-1508 CVSS available in Customer Area
Description
Core Security Technologies has reported a vulnerability in Microsoft Office Publisher 2007, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the pubconv.dll library when inserting content into a document. This can be exploited to cause a stack-based buffer overflow via a specially crafted ".pub" file.
Successful exploitation may allow execution of arbitrary code, but requires tricking a user into inserting a malicious file into a document.
The vulnerability is reported in version 12.0.6546.5000. Other versions may also be affected.
Solution
Do not use content from untrusted sources.
Provided and/or discovered by
Daniel Kazimirow, Core Security Technologies.
Original Advisory
Core Security Technologies (CORE-2011-0106):
http://www.coresecurity.com/content/publisher-pubconv-memory-corruption
Posljednje sigurnosne preporuke