Source	:	cve
Description	:	Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability."

oval:org.mitre.oval:def:5303, Publisher Object Handler Validation Vulnerability

oval:org.mitre.oval:def:427, Microsoft Publisher 2000 is installed
oval:org.mitre.oval:def:734, Microsoft Publisher 2002 is installed
oval:org.mitre.oval:def:239, Microsoft Publisher 2003 is installed
oval:org.mitre.oval:def:2127, Microsoft Publisher 2007 is installed

Application : cpe:/a:microsoft:publisher:2000
Application : cpe:/a:microsoft:publisher:2002
Application : cpe:/a:microsoft:publisher:2003
Application : cpe:/a:microsoft:publisher:2007

		CVSS
Name	Severity	Base Score	Impact Score	Exploit Score	Attack Range	Attack Complexity	Auth
MS08-027	(High)	N/A	N/A	N/A	Not Defined	Not Defined	Not Defined
MS08-012	(High)	N/A	N/A	N/A	Not Defined	Not Defined	Not Defined
MS07-037	(High)	N/A	N/A	N/A	Not Defined	Not Defined	Not Defined

Software : Office 2000 SP3 (Microsoft) Software : Office 2003 SP2 (Microsoft) Software : Office 2003 SP3 (Microsoft) Software : Office 2007 (Microsoft) Software : Office 2007_sp1 (Microsoft) Software : Office XP SP3 (Microsoft)

Source : BID Url : http://www.securityfocus.com/bid/29158 Source : FRSIRT Url : http://www.frsirt.com/english/advisories/2008/1505/references Source : MS Url : http://www.microsoft.com/technet/security/bulletin/ms08-027.mspx Source : SECTRACK Url : http://www.securitytracker.com/id?1020015 Source : SECUNIA Url : http://secunia.com/advisories/30150