HTTP: Microsoft Publisher PUB File Processing Memory Corruption

This signature detects attempts to exploit a known vulnerability against Microsoft Publisher. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Publisher is prone to a code-execution vulnerability. This is due to a flaw when handling malformed PUB files. Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context of targeted users.

Affected Products

Microsoft office_2003

References

BugTraq: 19951

CVE: CVE-2006-0001

Short Name
HTTP:STC:DL:MS-PUB-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2006-0001 Corruption File Memory Microsoft PUB Processing Publisher bid:19951
Release Date
07/26/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3339
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?