Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18721
HistoryDec 24, 2007 - 12:00 a.m.

Microsoft Office Publisher

2007-12-2400:00:00
vulners.com
7
JSON

I found two ways to cause a denial of service on the Microsoft Office Publisher, this is done by creating a malformed file with the following characteristics:

The first is to create a new file and modifying hexadicimal with an editor from the direction 00006B90 to 00006D90 with the letter "A", that causes the publisher fails, when you open with a debugger like ollydbg I strip the following exception

Access violation when reading [00000046]

Here I leave the proof of concept

Http://es.geocities.com/jplopezy/prueba.pub

The following causes the crash programme. We make a new file and adds an option to "wordart" inserting many letters "A", we open with a hex editor and change from the direction 000077D0 to 000079B0 with the letter "A".

I leave the proof of concept:

Http://es.geocities.com/jplopezy/prueba2.pub

Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com

JSON