   VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-58
Microsoft Publisher Object Handler Validation Vulnerability

Original Issue Date: May 14, 2008

Severity Rating: High

System Affected

  • Microsoft Office 2000 Service Pack 3
  • Microsoft Office XP Service Pack 3
  • Microsoft Office 2003 Service Pack 2
  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2007
  • Microsoft Office 2007 Service Pack 1

Component Affected

  • Microsoft Publisher 2000 Service Pack 3
  • Microsoft Publisher 2002 Service Pack 3
  • Microsoft Publisher 2003 Service Pack 2
  • Microsoft Publisher 2003 Service Pack 3
  • Microsoft Publisher 2007
  • Microsoft Publisher 2007 Service Pack 1

Overview

A vulnerability has been reported in Microsoft Publisher that could allow a remote user to execute arbitrary code and to take complete control of an affected system.

Description

This vulnerability is caused by an error in the Microsoft Publisher object handler during parsing of object header data. An object handler is a dynamic-link library (DLL) for an OLE server application. This DLL acts as an intermediary between the client and server applications to improve performance when it is necessary to redraw an object in the window of the client application.

An attacker could exploit this vulnerability with a specially crafted Publisher file, which could be sent as an e-mail attachment or hosted on a compromised or specially crafted website. Successful exploitation of this vulnerability could allow a remote attacker to take complete control of an affected system.

Parsing the crafted file may corrupt system memory in a way that allows an attacker to execute arbitrary code on the affected system.

Workaround

  • Do not open or save Microsoft Office files that are received from untrusted sources.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin MS08-027.

Vendor Information

Microsoft
http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx

References

FrSIRT
http://www.frsirt.com/english/advisories/2008/1505

SecurityTracker
http://www.securitytracker.com/alerts/2008/May/1020015.html

Secunia
http://secunia.com/advisories/30150/

SecuriTeam
http://www.securiteam.com/windowsntfocus/5ZP0B15OAI.html

CVE Name
CVE-2008-0119

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003