RCE in Microsoft Publisher

CVE-2010-2569

pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.609 (98.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Publisher — versions 2007, 2003, 2002
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

TA10-348A (US Government Resource, x_refsource_CERT, third-party-advisory)
MS10-103 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:11555 (x_refsource_OVAL, signature, vdb-entry)
1024885 (vdb-entry, x_refsource_SECTRACK)