Intrusion Prevention



This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Publisher.
The vulnerability exists in the way Microsoft Publisher parses Publisher 97 format files. It allows an attacker to exploit the vulnerability by sending a specially crafted Publisher file to the user and by convincing the user to open the file.

Affected Products

Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)


System compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available at the vendor's website:

CVE References