Signature Detail

Short Name	HTTP:STC:DL:MS-PUB-MC
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Publisher PUB File Processing Memory Corruption
Release Date	2011/07/26
Update Number	1961
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Publisher PUB File Processing Memory Corruption

This signature detects attempts to exploit a known vulnerability against Microsoft Publisher. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Publisher is prone to a code-execution vulnerability. This is due to a flaw when handling malformed PUB files. Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context of targeted users.

Affected Products

HP Storage Management Appliance 2.1
Microsoft Office 2000 SP1
Microsoft Office 2000 SP2
Microsoft Office 2000 SP3
Microsoft Office 2000
Microsoft Office 2003 SP1
Microsoft Office 2003 SP2
Microsoft Office 2003
Microsoft Office XP SP1
Microsoft Office XP SP2
Microsoft Office XP SP3
Microsoft Office XP
Microsoft Publisher 2000
Microsoft Publisher 2002
Microsoft Publisher 2003

References

BugTraq: 19951
CVE: CVE-2006-0001

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Publisher PUB File Processing Memory Corruption

Extended Description

Affected Products

References