Home

CVE-2009-0566

Description

Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka Pointer Dereference Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
48.74

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office Publisher 2007 (KB969693)Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234