Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Microsoft Publisher Object Handler Validation Vulnerability
Date Discovered: 05/13/2008
Severity: High
Applications Affected: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP3
Microsoft Office System 2007
Microsoft Office System 2007 SP1
Synopsis
Microsoft Publisher is prone to a Object Handler Validation Vulnerability. This vulnerability exists in the way Microsoft Publisher validates object header data. An attacker could exploit the vulnerability by sending a specially crafted Publisher file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.
Recommended Actions
Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx
Threat Analysis
An object handler is a dynamic-link library (DLL) for an OLE server application. This DLL acts as an intermediary between the client and server applications. The vulnerability is caused by an error in calculating object handler data when opening a specially crafted Publisher file. The error may corrupt system memory in such a way that an attacker could execute arbitrary code.

This vulnerability requires that a user open a specially crafted Publisher file with Microsoft Publisher. In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Publisher file to the user and by convincing the user to open the file.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, delete data, or create new accounts with full user rights.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0119

Write-up by: Aditya Chaturvedi
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Products Division of Tech Mahindra Limited | Privacy Policy | Site Map