Core Security Technologies Advisory - Microsoft Publisher is a desktop publishing application from Microsoft that uses a proprietary file format (.pub). A vulnerability has been found in Publisher 2007, that can be leveraged by an attacker to execute arbitrary code by enticing users to insert a specially-crafted .pub file into a document.
7393db4575d55c43a0190c93fc1da01edde0c4413669ca97163f00e3e4952ff0