/******************************************************************************************** Please join us to pray for the people still in the huge earthquake in eastern Sichuan, China. *********************************************************************************************/ Microsoft Office Publisher PUB File Parsing Remote Memory Corruption Vulnerability by cocoruder(frankruder_at_hotmail.com) http://ruder.cdut.net Summary: A memory corruption vulnerability exists in Microsoft Office Publisher while it is parsing PUB file. An attacker who successfully exploit this vulnerability can execute arbitrary code on the affected system. Affected Software Versions: Microsoft Office Publisher 2007 0 Microsoft Office Publisher 2003 SP3 Microsoft Office Publisher 2003 SP2 Microsoft Office Publisher 2002 SP3 Microsoft Office Publisher 2000 SP3 Microsoft Office Publisher 2007 SP1 Details: Currently there is no details released. Solution: Microsoft has released an advisory for this vulnerability which is available on: http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx CVE Information: CVE-2008-0119 Disclosure Timeline: 2007.12.10 Vendor notified 2007.12.10 Vendor responded 2008.05.13 Coordinated public disclosure --EOF--
