Out-of-bounds Array Index Error in Microsoft Publisher Products
CVE-2011-3410

Currently unrated

Key Information:

Vendor: Microsoft
Status: Publisher
Vendor: CVE Published:; 14 December 2011

What is CVE-2011-3410?

An array index error in specific versions of Microsoft Publisher allows remote attackers to exploit crafted Publisher files. This vulnerability can lead to arbitrary code execution due to improper memory value handling, highlighting the importance of applying timely security updates to vulnerable software.

References

http://www.us-cert.gov/cas/techalerts/TA11-347A.html

third-party-advisoryx_refsource_CERT

http://www.kb.cert.org/vuls/id/361441

third-party-advisoryx_refsource_CERT-VN

http://www.securitytracker.com/id?1026414

vdb-entryx_refsource_SECTRACK

EPSS Score

63% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 14, 2011
Vulnerability Reserved
Sep 9, 2011