|
|
|
|
| |
Credit:
The information has been provided by Microsoft Product Security.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx
|
| |
Affected Software:
* Microsoft Office 2000 Service Pack 3 - Microsoft Publisher 2000 Service Pack 3 (KB950682) - Remote Code Execution - Critical - MS08-012
* Microsoft Office XP Service Pack 3 - Microsoft Publisher 2002 Service Pack 3 (KB950129) - Remote Code Execution - Important - MS08-012
* Microsoft Office 2003 Service Pack 2 - Microsoft Publisher 2003 Service Pack 2 (KB950213) - Remote Code Execution - Important - MS08-012
* Microsoft Office 2003 Service Pack 3 - Microsoft Publisher 2003 Service Pack 3 (KB950213) - Remote Code Execution - Important - None
* 2007 Microsoft Office System - Microsoft Publisher 2007 (KB950114) - Remote Code Execution - Important - MS07-037
* 2007 Microsoft Office System Service Pack 1 - Microsoft Publisher 2007 Service Pack 1 (KB950114) - Remote Code Execution - Important - None
Publisher Object Handler Validation Vulnerability - CVE-2008-0119
A remote code execution vulnerability exists in the way Microsoft Publisher validates object header data. An attacker could exploit the vulnerability by sending a specially crafted Publisher file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.
If a user were logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
Mitigating Factors for Publisher Object Handler Validation Vulnerability - CVE-2008-0119
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:
* An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
* In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.
* The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
* Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document. The features of the Office Document Open Confirmation Tool are incorporated in Office XP and later editions of Office.
CVE Information:
CVE-2008-0119
|
|
|
|
|
