CVE-2011-1508
Severity
9.3CRITICAL
EPSS
27.1%
top 3.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 14
Latest updateMay 14
Description
Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Overwrite Vulnerability."
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-36xv-45pm-m623: Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remo↗2022-05-14
CVEList▶
CVE-2011-1508: Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remo↗2011-12-14