CVE-2008-0102

Published: Feb 12, 2008Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability."

Affected (3)

Products: Microsoft: Publisher

Microsoft

1 product

Publisher

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Publisher	Version 2000
Microsoft Publisher	Version 2002
Microsoft Publisher	Version 2003 sp2

Related CWEs

CWE-399

References (16)

http://marc.info/?l=bugtraq&m=120361015026386&w=2

Source: secure@microsoft.com

http://secunia.com/advisories/28906

Source: secure@microsoft.com

http://www.securityfocus.com/bid/27739

Source: secure@microsoft.com

http://www.securitytracker.com/id?1019376

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA08-043C.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2008/0514/references

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-012

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5305

Source: secure@microsoft.com

http://marc.info/?l=bugtraq&m=120361015026386&w=2