Pointer Dereference Vulnerability in Microsoft Office Publisher 2007
CVE-2009-0566

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Publisher
Vendor: CVE Published:; 15 July 2009

What is CVE-2009-0566?

Microsoft Office Publisher 2007 SP1 has a vulnerability that can lead to remote code execution. This issue arises from improper calculation of object handler data in Publisher files, allowing attackers to exploit memory corruption through specially crafted legacy format files. Successful exploitation may enable attackers to execute arbitrary code, posing significant security risks to users of the affected product.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securitytracker.com/id?1022546

vdb-entryx_refsource_SECTRACK

http://osvdb.org/55838

vdb-entryx_refsource_OSVDB

EPSS Score

54% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2009
Vulnerability Reserved
Feb 12, 2009