CVE-2014-1759

Description

pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka Arbitrary Pointer Dereference Vulnerability.

Risk Information

Base Score

7.8

MODERATE

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

21.496

Associated Vulnerability

Vulnerability	OS Platform
Security Update for Publisher 2003 (KB2878299)	Windows
Security Update for Microsoft Office Publisher 2007 (KB2817565)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-15356	Security Update for Microsoft Office Publisher 2007 (KB2817565)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234