<< Back
CVE Number Vulnerability Product Severity Date
MS09-030 Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516) 2007 Microsoft Critical 15-07-2009

Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that Microsoft Office Publisher opens, imports, and converts files created in versions older than Microsoft Office Publisher 2007. An attacker could exploit the vulnerability by creating a specially crafted Publisher file that could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.

Further information on this exploit is available at : MS09-030

Affected Software

2007 Microsoft Office System Service Pack 1