MS.Publisher.Array.Indexing.Memory.Corruption
Description
This indicates an attack attempt against a heap-overrun vulnerability in Microsoft Publisher.
The vulnerability exists in the way that Microsoft Publisher parses specially crafted Publisher files. It allows an attacker to execute arbitrary code by sending a specially crafted Publisher file to the user and by convincing the user to open the file.
Affected Products
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available at the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/ms10-103.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |