===================================================================== CERT-Renater Note d'Information No. 2006/VULN495 _____________________________________________________________________ DATE : 13/09/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Office 2000, Office Publisher, Office XP. ====================================================================== http://www.microsoft.com/technet/security/Bulletin/MS06-054.mspx ---------------------------------------------------------------------- MS06-054 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729) Affected Software: - Microsoft Office 2000 Service Pack 3 - Office Publisher 2000 - Microsoft Office XP Service Pack 3 - Office Publisher 2002 - Office Publisher 2003 Service Pack 1 and Service Pack 2 - Office Publisher 2003 Full MS06-054 advisory: - http://www.microsoft.com/technet/security/Bulletin/MS06-054.mspx Vulnerability Details Microsoft Publisher Vulnerability - CVE-2006-0001 A remote code execution vulnerability exists in Publisher. An attacker could exploit this vulnerability when Publisher parses a file with a malformed string. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================