Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729) Vulnerability Scan
Vulnerability Scan Summary
Acertains the version of MSPUB.exe
Detailed Explanation for this Vulnerability Test
Arbitrary code can be executed on the remote host through Microsoft
The remote host is running a version of Microsoft Publisher
which is subject to a flaw which may allow arbitrary code to be run.
A possible hacker may use this to execute arbitrary code on this host.
To succeed, the attacker would have to send a rogue file to
a user of the remote computer and have it open it. Then a bug in
the font parsing handler would result in code execution.
Microsoft has released a set of patches for Publisher 2000, XP and 2003 :
Medium / CVSS Base Score : 5.6
Click HERE for more information and discussions on this network vulnerability scan.