Security Advisory

CVE-2007-1754

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-07-10 22:00:00

Last updated 2024-08-07 13:06:26

Assigner microsoft

State PUBLISHED

Description

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability".

← Browse all CVEs View on cve.org ↗