Revision Date: | 2014-08-18 | Version: | 11 |
Title: | Arbitrary pointer dereference vulnerability - CVE-2014-1759 (MS14-020) |
Description: | pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka "Arbitrary Pointer Dereference Vulnerability." |
Family: | windows | Class: | vulnerability |
Status: | ACCEPTED | Reference(s): | CVE-2014-1759
|
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP
| Product(s): | Microsoft Publisher 2003 Microsoft Publisher 2007
|
Definition Synopsis |
Publisher 2003 SP3 and vulnerable file version Microsoft Publisher 2003 SP3 is installed
AND Check if the version of pubconv.dll is less than 11.0.8410
OR Publisher 2007 and vulnerable file version
Microsoft Publisher 2007 SP3 is installed
AND Check if the version of pubconv.dll is less than 12.0.6694.5000
|